[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Best way to check email securely?

Subject: Re: [cobalt-security] Best way to check email securely?
From: Eric Thern <security@xxxxxxxxxxx>
Date: Fri, 22 Feb 2002 21:31:08 -0500
Organization: Zoidial, Inc.
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I use stunnel (http://www.stunnel.org) to wrap imap and pop3 mail. If you set your stunnel.pem file with a hostname of "*" it will work for all sites,but warn you the first time you accept the certificate. (this also defeats some of the general purpose of trusting a site, but it still encrypts thedata through SSL)

	
	I add the following to /etc/rc.d/rc.local:
/usr/local/sbin/stunnel -T -d simap -l /usr/sbin/imapd -p /etc/stunnel.pem
/usr/local/sbin/stunnel -T -d spop3 -l /usr/sbin/qpopper-stunnel -p /etc/stunnel.pem

where 'qpopper-stunnel' is a small script:

---
#!/bin/bash
/usr/sbin/in.qpopper -R -T 300
---

	This has worked out well for a few clients, including Mozilla mail and Eudora (I have not tried it with any others).

Hope this helps,

- Eric


Paul Ferwerda wrote:

What is a good way to secure the process of checking email on a RAQ?  I'm concerned that if someone is supplying a password to check admin email that the password can be sniffed.

Thanks,
Paul

References:
- [cobalt-security] Best way to check email securely?
  - From: Paul Ferwerda

Prev by Date: [cobalt-security] Using self signed certificates to secure admin pages.
Next by Date: Re: [cobalt-security] Using self signed certificates to secure admin pages.
Previous by thread: Re: [cobalt-security] Best way to check email securely?
Next by thread: Re: [cobalt-security] Best way to check email securely?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index