Re: securing IMAP connection

[Devdas Bhagat <dvb () users sourceforge net>]

On 23/05/03 14:38 +1000, Fernando Serto wrote:
> hi folks!
>
> What is the best way to a secure imap connection?
imaps? IMAP with stunnel?
 
> I have an exchange server running on the internal network, and a postfix 
> with a valid ip address relaying/forwarding mail to the exchange. some 
> of the users want to use IMAP from their homes, but as the passwords are 
> on clear text and exchange/NT4 is not secure to put on the external 
> network, what should I do? our firewall is an iptables one...
You could use a web interface over https, or you could have stunnel
listening on port 993 and 143 on the Linux system, port forwarding 
to a local ssh tunnel to the MS Exchange server imaps port.
Then the users can just use imaps to work. stunnel is a very good tool
to tunnel applications over a SSL tunnel.
The tunnel will be transparent to the user

Devdas Bhagat

---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------