On Fri, Dec 15, 2000 at 09:17:53PM +0100, Niklas Fondberg wrote:
> What I need is for (>5) employes to be able to check for mail when they are at home.
>Mail sent internally in the company isn't encrypted and is very sensitive so checking
>mail at home with a SSL solution is what I need.
>
> in short: Checking/sending mail on a mailserver in a secure (non-expensive) manner
(There is a conflict in declaring mail "very sensitive" and not having it
encrypted in the company...)
You have more or less got two options:
- Build an SSH connection and forward pop/imap and smtp over this secure
channel. Check out the -L option of SSH, e.g. -L 110:mailserver:110
so that you forward a POP3 connection to "localhost" to the POP3 port
of your mailserver. The SSH connection must be established to a host
inside your company, of course. The same holds for SMTP.
* This solution is appropriate for this newsgroup. I never managed my
Windows-users to use it.
- Modern email software supports using SSL/TLS encrypted channels without
using SSH at all. On the client side, e.g. Netscape supports SMTP with
SSL support (STARTTLS protocol) and IMAP with SSL support, Outlook supports
SMTP with SSL (wrapping on all ports but port 25, on which STARTTLS is used).
On the server side, up to date mail software also supports the corresponding
functionality.
UW-Imap-2000 supports POP3/IMAP with SSL (I am sure, I use it :-).
Other servers like cyrus and courier shall support, it too, from what I've
read.
SMTP with TLS enhancement is included with the latest version of sendmail
and Zmailer. External patchkits with TLS support are available for qmail
and postfix. I personally use Postfix with TLS enhancement patch, but hey,
I am the author of the enhancement :-) Available from my homepage, see my
.signature :-)
Please make sure to understand, that all of these solutions only cover the
connection between your host and the servers in your company. The messages
itself, when downloaded from the servers, are sitting around on your computer
at home unencrypted. If you bring it to the computer shop for repair, the
people working there can read it.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
