Le samedi 23 octobre 2010 à 21:58 -0500, Stan Hoeppner a écrit : > David Touzeau put forth on 10/23/2010 3:20 PM: > > Yes i heard about VPN but in some cases in a big environnement you > > cannot play with networks and firewalls as you like. > > And there is a lot of remote sites to discuss, create VPN trought all > > theses remote sites is to complicated to maintain. > > > > yes i need to find a plugin like djigzo but djigzo is too heavy product > > (postgrey, web server... ) that requires too much components to > > implement > > You want a solution to your technical requirement. Many have been > recommended that will meet your goals. However, you find them all too > difficult or complex or painful to implement for reasons x,y,z. > > You're going to have to pick one, and none of them are going to be > particularly "easy" or pain free to implement, not if you're talking > about dozens or hundreds of remote sites. Did you think this encryption > project would be easy? Just change one setting in main.cf on each > server and be done? Heheh. Reality checks suck. > > I'm really curious about something. Your superiors are fearful of > wiretapping/eavesdropping of your SMTP session packets as they flow > across a public network, the internet. By the same token, aren't they > worried about all other manner of documents being transmitted to remote > offices via SMB/CIFS, FTP, HTTP? Or is your company one of those that > sends _everything_ as email attachments, sorta like most Lotus Notes > shops? ;) > > And, lastly, how is your environment this "big", as you say, in 2010, > with so many remote sites, and you've never implemented a VPN? And if > SMTP encryption is so important to your superiors, how do you not have > "buy in" from the networking group? In fact, if this encryption is so > crucial to management, why didn't they simply go to the networking group > and tell them to build a VPN? > > We can't properly help you if we don't have the full story, or, at > least, a significant portion of it. A tyrannical government isn't the > reason for wanting this encryption is it? >
Many thanks guys for this discuss, i have now pro and cons about using crypted protocol against "crypted datas". now the deal is to explain during a meeting what is the good way to perform a set of encrypted communication in a large environnement.
