[OLUG] Secure connect for mail
tetherow at nol.org
tetherow at nol.org
Sun Dec 5 22:37:23 UTC 1999
On 5 Dec, Chris Garrity wrote:
> Is there a way (I'm sure there is, I just don't know it), to connect
> securely to a mail server? Using SSH for remote connections seems a
> must, and I do that, but what about requests made by mail clients to
> mail servers? Those usernames/passwords go over in plain text, what's
> the point of using SSH when my mail-requests go over in plain-text?
The largest problem here is mail clients. I know that KPOP is a
standard which uses kerberos for the POP transport but I don't know
anyone who uses kerberos nor do I know of any mail clients that support
it. You are better off looking at something along the lines of SASL
which is part of the Cyrus stuff (check http://asg.web.cmu.edu/cyrus/
for details). I also know that you can use stunnel to get SSL support
into most mail readers and I have seen patches to sendmail for SSL
enabled transport. I am pretty sure I saw mention that outlook (ack,
cough, spit) actually supports SSL (or TLS) for mail host
communications. (Check http://opensource.3gi.com/sendmail-tls/ for the
sendmail patch and it may have references for further reading. The
stunnel bit was mentioned on the openssl mailling list. You can find
links to their mail archive from their homepage at
http://www.openssl.org).
If you actually find a decent solution on this issue could you post a
summary to the list? I think others would be interested, as I know I
would. I just haven't had the time to look into it in any depth.
------------------------------------------------------------------------
Sam Tetherow
Director of Development
Nebraska Online
-------------------------------------------------------------------------
Sent by OLUG Mailing list Manager, run by ezmlm. http://olug.bstc.net/
To unsubscribe: `echo unsubsribe | mail olug-unsubscribe at bstc.net`
More information about the OLUG
mailing list