Thanks a lot!! I´ve installed it, and it seems to work fine. Now I just have two beginners questions: 1. Tunneling through SSL means encrypting _everything_, including the authentication process (no plain text passwords flying throught the net) ?
SSL "wraps" the tcp connection. The endpoints actually don't know of the underlying cryptographical connection (as long as they don't query their sockets). They just rely on it. The answer is yes.
2. Is it still possible to exploit a security bug of our IMAP server having the imap port closed to outside?
Yes, if you can connect through the ssl tunnel/port.
I think the answers will be for 1. yes, and for 2. no, but want to be sure :))
Thanks again!
You're welcome.
JLT
Thanks,
Roman.
--
- -
| Roman Drahtmüller