On Wed, 6 Nov 1996, Adam Shostack wrote:
> A pop proxy should also do a better job of managing brute
> force attacks than plug can.
I had not thought of incoming POP yet, but of course the other end would
also want such protection. I have some POP servers on the inside that I
cannot touch while on the net, would be nice to be able to get to them
> Also consider requiring apop or kerberos authentication to the
> proxy, and then translate that into a uname/password combination if
> thats all your internal machine requires/supports.
I think the newest qpop does apop, and IMHO should be required.
> Encrypting & authenticating this link is a very good idea, on
> top of apop. Kerberized mail, if I remember correctly, will be
> encrypted on the wire.
I thought kerberos only did authentication, not session encryption?