Joe Junkin <[EMAIL PROTECTED]> wrote:
> When a pop user logs in to check mail, they send their user password in clear
> text over the network. So, a pop user account could be comprimised, and is
> therefore unsecure. On a mail server I administer, I set all of the qmail user
> accounts shell to be /bin/false which disallows a direct login by the user. This
> is fine with me since none of my email accounts will every log in.
>
> This seems secure, but is it enough? Is there more that one can do to secure pop
> accounts?
Or you could do what I do -- run an ssh server on the POP server and ssh client on the
clients. Have the
clients configured to forward a local port over the encrypted tunnel to the POP port
on the server -- voila,
instant secure POP with any POP client. Works well.
Charles
--
----------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
Any opinions expressed are just that -- my opinions.
----------------------------------------------------
