Re: [TCLUG:8010] IMAP vs POP3

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:8010] IMAP vs POP3
From: Eric Estabrooks <eric@urbanrage.com>
Date: Mon, 30 Aug 1999 19:12:28 -0500
References: <Pine.LNX.4.10.9908301454510.26891-100000@paoli.math.umn.edu>
Sender: eric@pooh.urbanrage.com

Peter Lukas wrote:

> They're both rather insecure methods of transfering mail.  IMAP is
> generally regarded as a strict no-no among the extremely paranoid.  The
> ideal method would be to wrap either POP or IMAP with ssh using the magic
> of port forwarding.  It's not all that practical for the average user, but
> it does guarantee encrypted transmission of username/password and e-mail
> (not to mention some pretty decent compression).
>
> It's rather easy to set up under unix and windows environments.  There are
> free windows SSH clients that allow port forwarding which could then be
> combined with a pop/imap mail client.  Shell access may be required, but
> in theory, the time it takes for login to say "you don't have shell access
> here", the forwarding session could be established and the mail could be
> securely downloaded to the client application.  It's about as simple as
> this from the command line:
>

Cyrus IMAP offers many different secure ways of accessing the server CRAM-MD5,
Kerberos, and a couple of others.  With the Kerberos you can get an encrypted stream
is your clients supports it.

Another option is to run stunnel to give you a secure connection and then just do the
plain text authentication.

Personally I like the cyrus server because it allows you to run pop and imap at the
same time or either one.

Eric
   eric@urbanrage.com

References:
- Re: [TCLUG:8010] IMAP vs POP3
  - From: Peter Lukas <peter@math.umn.edu>

Prev by Date: Musings...
Next by Date: loop0
Prev by thread: RE: [TCLUG:8010] IMAP vs POP3
Next by thread: Re: [TCLUG:8010] IMAP vs POP3
Index(es):
- Date
- Thread