Re: POP3 encryption in W2K3 - ? possible

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Justin (justinng_at_msn.com)
Date: 11/22/04 

Date: Mon, 22 Nov 2004 22:07:38 +0800

"David P. Lurie" <DavidPLurie@discussions.microsoft.com> wrote in message
news:20A2317C-C1E2-4F92-BAE1-CFEFDE47A800@microsoft.com...
> W2K3S Standard
>
> Is there any way to encrypt POP3 data with the standard POP3 server?
>
> Currently use email and perform file transfers internally on the LAN, plus
> two sites connected via VPN. Would like to eliminate the VPN, replacing
> with
> SSL-encrypted WebDAV for file transfers and TLS-encrypted email.
>
> I installed Certificate Services, and used the Certificate Wizard to
> generate certificates for the server's web site and TLS for the virtual
> SMTP
> server.
>
> WebDAV works nicely as expected from either IE6 (opened as web folder) or
> Add A Network Place.
>
> The SMTP docs suggest that enabling TLS by requiring a secure channel and
> using 128 bit encryption will encrypt outgoing email, but the POP3 server
> docs and manager only describe encryption for the logon process (SPA with
> AD
> integrated authentication used).
>
> I enabled TLS, then changed the email account settings (advanced) for SMTP
> in Outlook 2003 for my account to "This server requires an encrypted
> connection (SSL)", as no TLS option. This works, although I thought that
> TLS
> was similar, but different than SSL 3. Requiring encryption for the POP3
> server fails, as expected.
>
> That leaves half of the transmissions unencrypted. Why only have outgoing
> encryption?
>
> Is there a way to encrypt POP3 on the server that I overlooked, or is the
> only way to get secure email going to be for each client to get a S/MIME
> certificate for the email account and encrypt the messages prior to
> transmission?
>
> Thanks
>
POP3 over SSL is supported by Exchange but not Windows POP3 server. You need
to use S/MIME if you do not wish to change your POP3 server.

Relevant Pages

  • Re: TLS vs S/MIME (was: Skype threat) [Telecom]
    ... encrypt the traffic between Eudora and my mail server. ... secure or desirable than S/MIME? ... I'd forgotten about TLS. ... S/MIME can provide signature/envelope verification but also provides encryption. ...
    (comp.dcom.telecom)
  • Re: TLS vs S/MIME (was: Skype threat) [Telecom]
    ... The advantage of S/MIME or PGP is that they are End-To-End encryption ... TLS, OTOH, is only secure up to the server, and the emails ... encryption between my client and server is the best I can get anyway. ...
    (comp.dcom.telecom)
  • If TLS fails, then route to other host
    ... Internal mail server routes outbound mail to gateway Sendmail server. ... Sendmail tries TLS for this mail. ... route this mail to another server which does user-to-user encryption ... does a different type of encryption. ...
    (comp.mail.sendmail)
  • SMTP - Inbound TLS
    ... encryption with one of our clients. ... server for the Outbound TLS. ... check the TLS on the virtual server or add another virtual server I will not ...
    (microsoft.public.exchange2000.general)
  • Re: Auto-update protocol
    ... shared secret/public key is the only way to do the encryption. ... successfully decryption is the authentication. ... you can get using a generic farm server, but TFTP does not have any ... are available and forgo client polling at all ... ...
    (comp.arch.embedded)