[plug] POP mail security

[Leon Brooks]

Subba Rao wrote:
> What is the best way to protect my users passwords from being sniffed?

The simplest, least flexible way is to block access to the POP port
except from your dialup lines.

There are SSL versions of the POP3 protocol (my /etc/services file
mentions spop3 on port 995) but I suspect that Windows clients for same
would be limited.

Perhaps a resonable compromise would be to only allow POP3 from your
dialins, but allow SPOP3 or POP over PPTP or encrypted PPP from
anywhere. The majority of your dialin users would never know, and those
who were inconvenienced would have a couple of options, my personal
favourite being "Service Pack Maxint", better known as Linux. (-:

-- 
Confidence is the feeling you have before you understand the situation.
If at first you don't succeed, try a shorter bungee. When in trouble,
when in doubt, run in circles, scream and shout. The two great secrets
of success are: don't tell anyone everything that you know.