Hello,
Bernd Eckenfels [EMAIL PROTECTED] wrote:
On Mon, Apr 29, 2002 at 09:22:00PM +0100, [EMAIL PROTECTED]
wrote:
I'm currently looking for pointers to POP3 application proxy
software.
Some can be found on http://www.freefire.org/tools/
Thanks for the pointer. Unfortunately, none
Hello,
I'm currently looking for pointers to POP3 application proxy
software.
What I'm looking for (a few of the objectives are conflicting) :
Ideally
- it should run on Unix (preferably Solaris)
- it should be able to forward connections to multiple
targets, as directed by the user
[EMAIL PROTECTED] wrote:
The objective is giving users outgoing POP3 access pursuant to
company policy and satisfying a wide range of requirements within
multiple large organizations (i.E. don't ask :-).
I know I'm (1) poking my nose where it doesn't belong (2) going
very OT and (3
On Mon, Apr 29, 2002 at 09:22:00PM +0100, [EMAIL PROTECTED] wrote:
I'm currently looking for pointers to POP3 application proxy
software.
Some can be found on http://www.freefire.org/tools/
- it should run on Unix (preferably Solaris)
- it should be able to forward connections to multiple
hi,
i recently installed a mailserver for linux 7.2 . Am using sendmail
8.11.2/8.11.6. Everything works well as far as smtp is concerned, the
main problem is pop3, in that most of the users have constant
disconnections while retrieving mail.The problem is the mail is
deleted from
Unless the pop3 software has some sort of process to do this, the
deletion of messages from the server occurs via the user's MUA.
- Dave
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of patrick
Sent: Monday, February 18, 2002 3:58 AM
To: [EMAIL
I don't believe that is a setting on the server. The client takes care
of that. A POP3 client will do a LIST and then attempt to RETRieve what
is listed. And then DELEtes each message individually.
A while back, when doing Internet support for an ISP, we used to come
across similar problems
On Thu, 7 Feb 2002, Reckhard, Tobias wrote:
they *do* upgrade it quickly as issues arise. Lotus falls just behind
Netscape/IPlanet in poor coding without a security clue in my book.
What NS/IPlanet products does your critique apply to, Paul? I've heard very
little on the security of,
On Wed, 6 Feb 2002 [EMAIL PROTECTED] wrote:
Date: Wed, 6 Feb 2002 01:13:02 +
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: pop3
Hi,
I've installed a firewall and I want to permit that users may consult their
email from home. Is is correct to give them
On Wed, 6 Feb 2002 [EMAIL PROTECTED] wrote:
My client uses Lotus Notes.
Then make sure they *don't* expose Notes to the Internet, and make sure
they *do* upgrade it quickly as issues arise. Lotus falls just behind
Netscape/IPlanet in poor coding without a security clue in my book.
They did a
they *do* upgrade it quickly as issues arise. Lotus falls just behind
Netscape/IPlanet in poor coding without a security clue in my book.
What NS/IPlanet products does your critique apply to, Paul? I've heard very
little on the security of, e.g. the LDAP, Web and, I believe, FTP servers.
I'd
Hi,
I've installed a firewall and I want to permit that users may consult their
email from home. Is is correct to give them access from home with pop3 ?
What are the riscs with the email server on the internal network or in DMZ
?
Thanks in advance,
Daniel Cenáculo
by: To: [EMAIL PROTECTED]
darryll cc:
Subject: Re: pop3
but
I've never done) or is there other forms ?
Thanks in advance,
Daniel Cenáculo
Darryl Luff
Sent by: To: [EMAIL PROTECTED]
darryll cc:
Subject: Re: pop3
Ron DuFresne wrote:
...
This is not totally correct, it depends upon how much access to the server
supplying the pop3 accounts one has to. If one creates the user accounts
so they only have access to remotely read their e-mails i.e. give a
shell of /dev/null, unless they can also exploit
hi ya
as ron says make sure you have a pop user name
and a different user shell account
- and make 100% sure the passwds is different on both of umm
better still to use secure pop3 and/or secure imap
or https for web-based email agents
c ya
alvin
http://www.Linux-Sec.net/Mail
[EMAIL PROTECTED]To: Ron DuFresne
[EMAIL PROTECTED]
u cc:
[EMAIL PROTECTED], [EMAIL PROTECTED]
Sent by:Subject: Re: pop3
I've never heard about secure pop3, I will check that, thanks.
Daniel Cenáculo
Alvin Oga
Darryl Luff
[EMAIL PROTECTED]To: Ron DuFresne
[EMAIL PROTECTED]
u cc:
[EMAIL PROTECTED], [EMAIL PROTECTED]
Sent by:Subject: Re: pop3
On Wed, 6 Feb 2002, Darryl Luff wrote:
[SNIP]
And internal users or admins playing around. Whether they have malicious
intentions or not, people seem to enjoy getting access to their mate's
(or boss's) passwords. Especially in a small site where the server is on
a user segment.
Ron DuFresne wrote:
This internal issue is perhaps the greater risk of sniffing one probably
faces in this area. And that does not have to be an issue of folks
reading e-mail externally. Sniffing is not the huge gotcha some believe
it to be really. For one thing, a person has to
On Wed, 6 Feb 2002, Darryl Luff wrote:
Ron DuFresne wrote:
This internal issue is perhaps the greater risk of sniffing one probably
faces in this area. And that does not have to be an issue of folks
reading e-mail externally. Sniffing is not the huge gotcha some believe
it to be
: Help to analyze the pop3 protocol
Bruno:
I have following code in iptables rules, this might be more appropriate.
# AUTH server
# Reject ident probes with a tcp reset
# Need to reset instead of drop for smtp, ftp, ssh and etc.
#
$IPTABLES -A INPUT -i $WAN_IFACE -p tcp
-
From: Bruno Negrão [SMTP:[EMAIL PROTECTED]]
Sent: woensdag 16 januari 2002 12:32
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Help to analyze the pop3 protocol
Hy Frank, thank you for this suggestion. Can you explain which is the
advantage in reseting the connection
Hy, i'm using a redhat linux with 2 ethernet interfaces and iptables +
ipmasquerading.
I made a tcpdump of a connection between a masqueraded client machine
(192.168.13.10) and my external pop3 server (falcon.etcetera). The
firewall's name is 15bis.etcetera.com.br
What I found interesting
Hi,
The auth protocol is a session between identd's on the
respective machines. Its purpose and protocol are
described in RFC-1413. If you specifically disable it,
on the firewall, then the pop3 session will wait until
it times-out (from the server side) before it continues.
Most people
of each:
1. Permit identd. This allows the querying server to try and
determine the userid of the requester of a service. In this case, the
server falcon is attempting to determine what userid is attached to the
process using the pop3 service (specified by the requester's source
port). I'll
: Skough Axel U/IT-S [EMAIL PROTECTED]
To: 'Bruno Negrão' [EMAIL PROTECTED]
Sent: Monday, January 14, 2002 10:51 AM
Subject: RE: Help to analyze the pop3 protocol
Hello,
The AUTH protocol is used by some servers on the Internet to verify the
connecting client. Your firewall should in general allow
without a process binded to it is a risk to the
firewall?
- Original Message -
From: Skough Axel U/IT-S [EMAIL PROTECTED]
To: 'Bruno Negrão' [EMAIL PROTECTED]
Sent: Monday, January 14, 2002 10:51 AM
Subject: RE: Help to analyze the pop3 protocol
Hello,
The AUTH protocol
hi ya...
i was poking around tonight on google for some
secure pop3 server stuff...
sorted thru most of the misc links...keep track
of the good stuff
http://www.Linux-Consulting.com/Mail/secure_pop3.txt
- well if it helps one person...guess its worth a post...
have fun linuxing
alvin
Hi
Iam trying to
get mail from a popserver over SSL (for external
pop-clients).
When i try to
connect to the mail server the following error from ssl:
LOG7[22462:1026]:
ipop3d startedLOG5[22462:1026]: ipop3d connected from
192.168.0.30:1161LOG7[22462:1026]: Local service
I'm not sure I understand your question...traffic goes both ways.
Do you???
1. Want to allow internal hosts to connect to external pop3 servers.
2. want to allow external hosts to connect to internal pop3 servers.
note: external=internet
I'm assuming #1. There's not that much risk involved
Does anybody have any comments, anecdotes, experiances with allowing the
POP3 service through a firewall. The proposed solution would be to allow
encrypted email go through a POP3 service as part of an overall EDI
solution.
1. Currently we only allow the SMTP service on a corporate basis.
2
/Celestica)
Subject: POP3 Service through Corporat
It depends on the needs. I work for a consulting organization and we must
allow POP3 through the firewalls in order to function as a business. But we
also make sure that there are strict rules in how it is used, the security
of it, and rules regarding encryption and sig's.
Allowing email access
"Watson, Peter" wrote:
Does anybody have any comments, anecdotes, experiances with allowing the
POP3 service through a firewall. The proposed solution would be to allow
encrypted email go through a POP3 service as part of an overall EDI
solution.
1. Currently we only allow the SM
Peter" [EMAIL PROTECTED] on 06/14/2000 10:39:01 AM
Does anybody have any comments, anecdotes, experiances with allowing the
POP3 service through a firewall. The proposed solution would be to allow
encrypted email go through a POP3 service as part of an overall EDI
solution.
1. Current
Does anyone know of a pop3 proxy that can have user level acls? I'm looking
for something with a little bit more refinement then tcpwrappers and netcat.
I'm looking for something that will allow me to associate access from
certain netblocks with users.
Sameer
-
[To unsubscribe, send mail
I am trying to implement the same thing myself. I didn't have any problem
setting up a generic proxy for POP3, but I am at a loss trying to connect
across the firewall. Do you have to put in a special name for the POP server
when configuring the mail client? For example, if the firewall is named
Hello,
i had a similar problem. I solved it with a VPN Network to our
firewall. POP3 is only allowd to our internal network and the adress
pool our VPN server serves. Additionaly the VPN network is encryted
so the risc is minimized.
Greetings,
Frank
Currently we have SMTP service only allowed
Currently we have SMTP service only allowed between our exchange server and
the ISP mail server. This firewall rule is working fine and we have had no
security incidents with this arrangement. Due to the usual political masters
which are this company they wish to enable POP3 service on our
I know that this bad security practice to allow the POP3
service to come in,
but I need additional internet white papers, concrete evidence, best
practices info on why we should not allow this.
Anything wrong with running POP if you have an SSL wrapper
in place for the transmission
On Wed, Sep 22, 1999 at 10:12:29AM +0700, Raymond wrote:
I am looking for POP3 client which can be used to connect to external POP3
server through firewall. I have tried Microsoft Outlook Express but it seems
it doesn't have capability to connect to POP3 server through firewall/proxy
I am looking for POP3 client which can be used to connect to external POP3
server through firewall. I have tried Microsoft Outlook Express but it seems
it doesn't have capability to connect to POP3 server through firewall/proxy.
Any information would be greatly appreciated.
Raymond
44 matches
Mail list logo
