Re: Blocking POP3 and IMAP

[Michael Sinatra <michael () RANCID BERKELEY EDU>]

Geoff Nathan wrote:
> Mike Iglesias wrote:
> > Geoff Nathan wrote:
> >
> > > Can we train 40K users to set up their clients to do that?
> > > Probably not.  Especially when those users include the Provost, the Deans
> > > and most other Associate VP's, chairs and other high level officials. It's
> > > a distant gleam in our eyes, but not something we're going to be doing
> > > soon, no matter how badly needed it might be. And your career won't get
> > > very far if you threaten to fire the Provost or the Dean of Liberal Arts
> > > and Sciences because they insist on using Eudora. ;-)
> >
> > We have at least as many users as you do, and we got them to switch over to
> > TLS/SSL POP/IMAP/SMTP without too much trouble.  We're pretty decentralized,
> > so each department/school has computing support staff who helped the users
> > with the transition, and our helpdesk helped others as they called in about
> > it.  We established a deadline for making the switch, and reminded the users
> > that it was happening.  Directed emails to the users who had not switched (and
> > their support staff) got the stragglers moved over.
> >
> > Our mail setup instructions are here if you want to see the documentation we
> > have for our users:
> >
> > http://www.nacs.uci.edu/email/settings.html
> You guys are all great, and have given me the ammunition I need to go
> forward with this project.  Many, many thanks.

We did the same thing, as part of the implementation of our Minimum
Security Standards policy.  I think it was about 40K users as well.  It
definitely took some work, but everyone involved--security folks, email
admins, and departmental support folks, all bought into the rationale
behind the TLS requirement and did what needed to be done.  It has
worked out well since then.

michael