On 13/12/12 06:26, Stan Hoeppner wrote:
On 12/12/2012 6:05 PM, Tony Nelson wrote:
I think it's in my best interest to get TLS operational again.
So, you encrypt the transmission from the internal corporate groupware
server to the gateway server via a private network that you completely
control. But then you relay the same message over the public internet
in plain text.
TLS encrypts the whole connection including the authentication - maybe
the OP is more concerned about passwords being sent in plain text than
the contents of the actual email.
There seems to be a flaw in your logic, in your threat assessment. Your
stated posture makes it seem you are more worried about malicious packet
sniffing inside your perimeter than outside.
