> Ives, > ...Thus, even if Kerberos is keeping NT/AD usernames and passwords > from flying around your network in clear-text, the second someone > checks their email with a standard POP3 client the information is > sent to Imail POP3 in the clear...
Not so. IMail offers APOP authentication, which will prevent this level of compromise. However, the data itself, unless encrypted separately, will still travel in the clear. What you should also be thinking about is individual threat assessment. Are you worried about end users sniffing the wire? Then use a fully switched network, which will surely cost less to implement and support than a tunneling appliance! Or are you worried about sniffing by sysadmins who have switchroom access, but don't otherwise have access to the mail server infrastructure? > ...could one set this appliance infront of the mail server to > eliminate POP3 passwords from being sent through the internal > network in the clear? Thus providing a enternal end-to-end tunel > from the POP3 client to the SSL offloader which I'm guessing has one > port that leads to the network and another that links right into the > Imail server. You don't need a physically isolated subnet. Once the tunnel is set up, it could traverse multiple shared or switched links. -Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] ------------------------------------ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
