APOP and qpopper2.4, how safe?

[Marc Goldburg <marcg () arraycomm com>]

We have to provide mail service for users in far-flung corners of the
globe.  So far, we've been requiring them to dial in to the modems at our
central site to retrieve mail via POP over serial lines.  This is becoming
expensive, however, and we're looking at alternatives.

One option would be to have these people get accounts with local ISP's and
then use APOP over the internet to retrieve their mail.  At our central
site, plug-gw from the TIS FWTK would be used on a machine in our DMZ to
forward POP requests to a mail server behind the firewall (this seems safer
than mirroring mail spools on a DMZ machine).  Since we use pop internally,
I'd probably have the plug-gw connect to non-standard POP port on the mail
server where there'd be running a version of qpopper which only
authenticated via APOP and only for our remote users.

There's a host of security issues here --- potentially sensistive
unencrypted messages flowing across the net, telling people with sensitive
information on their machines to get ISP accounts, ... --- all of which
we're wrestling with.  

I'd be interested in any comments that folks have on the fundamental
robustness of APOP and qpopper (2.4 or higher).  Is it foolish to poke a
hole in the firewall using those tools?  By the way, the mail server is
running SunOS 4.1.3_U1 plus patches.

Thanks,

Marc Goldburg

-- 
ArrayComm, Inc.                           Tel: +1.408.952.1810
3141 Zanker Road                          Fax: +1.408.428.9083
San Jose, CA  95134-1933                  E-mail: marcg () arraycomm com