Secure email

Andreas Huebner 520045387768-0001 at t-online.de
Sun Jun 3 00:55:41 PDT 2001


Hi,
There is a Cyrus-Imap-Deamon that can be patched or used directly for 
encrypted email. I worked on the development of a Linux mail server in
1999 but my part was only the authentication with PAM via LDAP at an
Novell NDS database.




Kristoffer Ekelund wrote:
> 
> On Fri, 1 Jun 2001, Ben wrote:
> 
> > Remember the following:
> > The second you use a plaintext service, your system is just as vulnerable
> > as if it uses telnet instead of ssh!
> >
> > So, if you're going to have a bunch of users, and want them to ssh in, and
> > just let them use regular pop3 or imap to transfer mail, it's sort of
> > illogical.
> 
> Yes, this was exactly what I was thinking...
> 
> > I'd recommend using stunnel, since it has an easy-to-use windoze client.
> > You can probably make some vb macro to put on their desktop to forward a
> > local port to your remote port, for pop3 or imap.
> 
> Ok, stunnel looks a tad complicated, but I'll look into it. It doesn't
> look like a very elegant solution though. Not to me anyway... Are there
> really no encrypted protocols for retriveing mail?
> 
> > Also, keep in mind that, if you set up a smtp server, you have to deal
> > with rcpthosts and spam prevention and all sorts of other fun stuff. A
> > good way of authorizing ip's to be able to relay mail is with pop3 auth. I
> > know there's a patch for qmail that does this. I'm sure there's one for
> > postfix, too. Qmail and postfix are really good choices for secure
> > (against cracking) smtp servers. check out qmail.org for all sorts of fun
> > qmail stuff, and stunnel.org for the schtick on stunnel.
> >
> > Also, if you want REALLY good encryption, just have your clients use
> > pgp/gpg, or maybe s/mime. That's not as user-friendly, and isn't worth it
> > if all you're concerned with is password cloaking.
> 
> Password cloaking would be what I'm after in this setup. But that has
> never stopped my curiosity, do you have any links relevant to encrypting
> with pgp/gpg (assuming that you don't just mean encrypting the contents of
> the e-mails becuase I know how to do that).
> 
> > Regards,
> > ben
> 
> 
>         Sincerely,
>         Kristoffer
> 
> --
> Read, think, spread! http://www.toad.com/gnu/whatswrong.html
> 
> --
> Unsubscribe: send email to lfs-security-request at linuxfromscratch.org
> and put unsubscribe in the subject header of the message
-- 
Unsubscribe: send email to lfs-security-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message




More information about the lfs-security mailing list