Secure email

Adrian Ho lexfiend at
Fri Jun 1 17:55:20 PDT 2001

On Fri, 1 Jun 2001, Kristoffer Ekelund wrote:

> Ok, stunnel looks a tad complicated, but I'll look into it. It doesn't
> look like a very elegant solution though. Not to me anyway... Are
> there really no encrypted protocols for retriveing mail?

/Protocols/, not that I know of -- SSL/TLS-based tunneling is the
preferred solution for just about everyone.

However, your original question was about securing the authentication
process rather than the entire channel.  For that, APOP (RFC1460, IIRC)
may fit your needs.  I haven't needed to set up an APOP-enabled server,
but I recall a few things:

* The authentication database is separate from /etc/{passwd,shadow}.
* Quite a few (many?) POP clients support it natively, both Unix and
  Windows (can't say much about MacOS).
* Most POP servers either support it natively, or have patches for it.
* It's basically MD5 password-hashing.

Adrian Ho   lexfiend at

Unsubscribe: send email to lfs-security-request at
and put unsubscribe in the subject header of the message

More information about the lfs-security mailing list