[Techtalk] More secure e-mail for road warriors?
Brenda Bell
k15a-list-linuxchix at theotherbell.com
Fri Sep 19 14:12:19 EST 2003
Quoting Raven Alder <raven at oneeyedcrow.net>:
> IMAP + SSL. Keeps everything on the server, encrypts over the
> local LAN. Problems with this: not sure what clients give good support
> for this on both *nix (Linux and FreeBSD) and Windows, could not use it
> easily when traveling without installing another program on each remote
> machine. IIRC, Courier IMAP has had security problems, unsure what
> other IMAP/SSL servers there are out there. Unsure if it supports
> separate mail passwords & chrooting users.
>
> Some sort of Webmail + SSL. Accessible from anywhere, secure
> over the local LAN. Problems with this -- pretty much the same as
> above.
Not quite... for one, direct access to IMAP server means opening up another
port. If you're running a web server, the port you need for Webmail is
already open. With the webmail solution, any issues with Courier IMAP
exist inside your network -- said issues will not be exacerbated by a
webmail solution.
FWIW, I'm running qmail, Courier-IMAP and Vexira behind a NetBSD firewall
and my remote email access is via Horde running on Apache. From the
outside, I have ports open for HTTP, SMTP and sometimes SSH -- no IMAP, no
POP3, no LDAP or anything else to attract sticky fingers.
So far, it has worked pretty well. HTH.
--
Brenda
http://opensource.theotherbell.com
More information about the Techtalk
mailing list