You are not being overly cautious, of course.
1. Passwords used are the same as to user accounts.
2. Mail can be stolen (this is not considered important or a concern???).
I don't advovate using filtering routers anyway, but even with a firewall
the password issue is the same. You'd certainly want to use a POP3 proxy and
use APOP for authentication.
At 12:22 PM 11/9/95 -0800, Rob Sansom wrote:
>There are some at my organization (upper management) who believe that there
>is little danger in allowing access to POP accounts on my Unix host thru
>our router. My attitude is that the fewer types of connections that I
>allow through the router to our internal hosts the better, and a good
>solution to allowing access to POP accounts from the outside would be to
>set up terminal server/modem
>access with SLIP/PPP functionality so that people can dial in and download
>their mail via Eudora or whatever, over a SLIP connection. In light of the
>recent syslog(3)/Telnet problems, it scares the hell out of me to allow
>this type of connection. Besides sending passwords in the clear over
>unsecured nets, I don't want to find out the hard way that there is some
>bug in my POP server, or function call that it uses. Am I being overly
>cautious (loaded question)?
>Thanks in advance,
>Tech. Resources Mrg.
>Franciscan Shops Inc. (The Bookstore)
>San Francisco State University