Security Basics mailing list archives

Re: securing IMAP connection

From: Fernando Serto <fernando.serto () memetrics com>
Date: Tue, 27 May 2003 16:05:01 +1000

what should I use for that? IPSec? is there any documentation/howtodescribing that? the users will have dynamic ips...



BellSouth - enigmavr4 wrote:

What about a VPN?  This would give them an internal IP and the tunnel would
encrypt any clear text passwords outside of your network.

Michael



-----Original Message-----
From: Fernando Serto [mailto:fernando.serto () memetrics com]
Sent: Friday, May 23, 2003 0:38
To: security-basics () securityfocus com
Subject: securing IMAP connection


hi folks!

What is the best way to a secure imap connection?

I have an exchange server running on the internal network, and a postfix
with a valid ip address relaying/forwarding mail to the exchange. some
of the users want to use IMAP from their homes, but as the passwords are
on clear text and exchange/NT4 is not secure to put on the external
network, what should I do? our firewall is an iptables one...

What we were discussing here is something like this:
the user should authenticate on the firewall, and then his ip would be
allowed to connect to a secure imap port (port 993?) for a certain
period, after the connection is iddle for 10 minutes (maybe less), the
user should have to authenticate again. as the exchange won't be
accessible from outside, we also need to forward the connection to it.
is that too complicated?

thanks in advance,

Fernando


---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point,
Hacking & Assessment, Cisco Security, Wireless Security & more! Register
Now!
--UP TO 30% off classes in select cities--
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------




---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

securing IMAP connection Fernando Serto (May 23)
- Re: securing IMAP connection Devdas Bhagat (May 26)
- <Possible follow-ups>
- Re: securing IMAP connection Fernando Serto (May 27)