Bob Dedrick wrote:
>The bottom line is still the same, which is that there's no secure
>way to let users use these clients.
It would be entirely possible for an organization to write an
http-> POP3/IMAP gateway that would tunnel the POP3 and/or IMAP session
over an ssh, IPSec, or SKIP tunnel. This is exceptionally easy if
you trust your internal net and can simply use a VPN enabled firewall
to tunnel the session over the internet and then let the POP or
IMAP session travel through the organizations internal network.
The http to mail cgi could then be set to be accessed only from an
SSL enabled web server. This would require the involvement of the
http to mail gateway as well as the firewall administrators, and
perhaps even the mail gateway admin (if they chose to use an ssh
host to host tunnel, as opposed to a gateway to gateway tunnel),
but it is far from impossible.
-- William
|
|
