[EMAIL PROTECTED] writes:
[ not sending POP3 passwords in the clear. I suggested SSH
connection forwarding. ]
> I was reading a howto about that and from what I understand, that's a client
> side deal.
Set up sshd on a host that shares a trusted link with your pop server
(or on the pop server itself). Configure the pop server to reject
connections not originating from inside the trusted network. Have
users set their SSH clients to forward connections to localhost:110 to
popserver:110 (on UNIX this looks something like: ssh
-L110:popserver:110 sshhost) and point their email readers at
localhost.
Now all your POP3 traffic is encrypted over untrusted networks. This
isn't the only way to secure POP3, but it's easy, general and very
portable. Other options include Kerberos and the SSLwrap thing that
somebody else mentioned. My original comment was merely pointing out
that `there is no way' is correct only in a narrow sense.
^L
