Home page logo
/

basics logo Security Basics mailing list archives

securing IMAP connection
From: Fernando Serto <fernando.serto () memetrics com>
Date: Fri, 23 May 2003 14:38:11 +1000

hi folks!

What is the best way to a secure imap connection?

I have an exchange server running on the internal network, and a postfix with a valid ip address relaying/forwarding mail to the exchange. some of the users want to use IMAP from their homes, but as the passwords are on clear text and exchange/NT4 is not secure to put on the external network, what should I do? our firewall is an iptables one...

What we were discussing here is something like this:
the user should authenticate on the firewall, and then his ip would be allowed to connect to a secure imap port (port 993?) for a certain period, after the connection is iddle for 10 minutes (maybe less), the user should have to authenticate again. as the exchange won't be accessible from outside, we also need to forward the connection to it. is that too complicated?

thanks in advance,

Fernando


---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes: Security +, Check Point, Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now! --UP TO 30% off classes in select cities-- http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault