also sprach suse@diplan.de (on Sat, 06 Jan 2001 04:30:06PM +0100):
Preparing a new DMZ server I wonder how Email from external, which arrives at the DMZ server is to be treated most secure. Is there a secure possibility to transfer the whole mail to my internal server (fetchmail?) where staff could get it by POP or is POP from internal to DMZ secure enough? Clients run on WinNT.
well, there's APOP, POP with SSL, and regular POP3 as well as IMAP. the last two transmit clear text passwords. the first two aren't free to implement as far as i know. i don't have experience with the first two, but what i do (linux clients) is to tunnel a POP3 channel via SSH2 port forwarding. if you find a way to forward something like port 11000 on the NT boxes to 110 of the mail server with SSH, then your problem would be solved. or you may want to consider VPN internally. martin [greetings from the heart of the sun]# echo madduck@!#:1:s@\@@@.net -- qvid me anxivs svm?