On Tue, 25 May 2010 13:36:52 +0800 Nelson <[email protected]> wrote:
> I'll be setting up a mail server for our client and I want its pop3 > and imap4 to be secure by using ssl. > > However, I don't have a budget for my certificate to be sign by > certification authority. Would you advise to still use self-signed > cert? Would there be a problem on some email client such as Outlook or > Thunderbird? Usually browser knows that the certification is > self-signed and I'm just wondering if email client can detect also > those self-signed cert and could it cause a problem? > > Also, what is your suggestion for implementing this kind of setup? I'm > currently looking on Dovecot and it seems promising and easy to > setup. Just want to know if there are other better solutions out > there. > > > Thanks, > > > Nelson > There's no technical problem with it. Outlook & Thunderbird will both (like a web browser) present a warning that the user should be careful, because the server may not be who it says it is. Once accepted, though, the certificate will secure the session the same way a CA-signed cert would.
signature.asc
Description: PGP signature
