I apologize in advance if anyone gets this twice, but it didn't appear
to go through the first time.
------------------------
From: Dick_Wall @
stratus .
com
Subject: Web Oriented Mail Clients
Date: Sat, 2 Aug 97 15:25:21 -0400
To: firewalls @
GreatCircle .
COM
> Hello all ..
>
> I appologize if I'm asking a question that has been recently discussed
> .. I've been off the list for a while and have missed recent dialogues.
>
> The question is ...
>
> I'm getting approached by various groups in my company, that want to
> use Web oriented email clients, to access our email servers. That is,
> they want to use the clients from the Internet points, to access servers
> on the trusted/internal side of our network. They'd like us therefore,
> to allow http access through the firewall. We don't allow that now, and
> I don't plan to allow it in the future.
>
> Is there a secure means for providing such email access?
>
> Dick
>
>
---------------End of Original Message-----------------
My company has a product available that may solve your needs. It is
a Perl-CGI application that runs under your web server. It allows
you to read your messages from multiple POP mail accounts and work
with them from one web client application. When you log in the first
time you enter your pop mail addresses and passwords to access them
on a setup screen.
joebob @
popmail .
com password
billybob @
2nd .
popmail .
com 2ndpassword
...
You can perform most of the e-mail functions available from an app
like Eudora such as reply, reply all, forward, spell check, attach
mime and uuencoded attachments, download or view incoming
attachments, store messages in folders, filter and forward, etc.
It can be run under an SSL enabled web server to encrypt the traffic
over the net. You can also use any other authentication methods
(OPIE, Secure Token) that will work between your web server and
clients. You still have to open a hole in your Firewall (unless you
just want to allow POP and SMTP in/out and put your Web Mail Server
on your DMZ or the outside).
It doesn't use frames or Java, just tables. It can be run under
just about any web client out there. It does store copies of the
mail on the web server while you work with them or if you move
them to folders. It is nice because you can still work with mail
from other access methods because you only work with *copies* of
the mail. A message is only deleted on the server once you delete
it from the web mail interface.
One thing you want to make sure of is that your clients use the
log-off button so that someone can't use the "back" button to read
their mail. If they are on a public web browser they need to clear
the cache as well.
We also sell a companion Web-NNTP gateway that allows users to
read/post, attach, view in-line images, etc. from a web browser.
This allows people to access Usenet-style News discussion groups
from any web client. It can also be used on a SSL enabled server
to secure and encrypt each session.
I would recommend adding an additional level of security on top
of the usual "login/password" web server mechanism.
I hope this helps,
Mike
--
09:37:17
08/06/97
_______________________________________________________________________
Michael W. Chalkley Tel: +1.770.772.4567
ZapNet! Inc. Fax: +1.770.475.7640
Suite 400-120 E-mail: mikech @
iproute .
com
10945 State Bridge Road mikech @
avana .
net
Alpharetta, GA 30202 http://www.iproute.com
References:
|
|
