Hello, Dave.


DH> On Sun, Dec 01, 2002 at 09:24:36PM +0300, CEBKA wrote:
>> Postfix+courier+squirrelmail(http://www.squirrelmail.org)     works
>> plenty with ssl and/or sasl.

DH> Yeah, I agree... I'm using Postfix with delivery to Maildir mailboxes,
DH> Courier IMAP, and Squirrelmail over HTTPS, and it's working well.
DH> For reading mail, use any IMAP client... I used to use pine, but
DH> people keep saying that mutt is better (or at least it's written better),
DH> so I'm trying to switch. Don't like the interface as much as pine though.
DH> When on Windows machines at work, Outlook or Outlook Express work fine.
DH> I think Mozilla would work too, although I haven't actually tried it.

Outlook  is  a big bug! It doesn`t support even md5 autenthication. It
is  very  buggy in ssl, has not support of pgp, bad support of s/mime.
Mozilla Mail is not better in this things :( IMHO The Bat! is the best
in  the  windows  world(http://www.ritlabs.com/the_bat/ ).
Under *nix you can also use server
tunnels  for  clients ,  that    support  ssl  for  example  the
configuration for xinetd(where ipop3d is your pop3 server):
service pop3s
{
      disable            = no
      socket_type        = stream
      wait               = no
      user               = root
      server             = /usr/sbin/stunnel
      server_args        = -p /usr/sbin/stunnel.pem -l /usr/sbin/ipop3d -- ipop3d
      log_on_success     += USERID
      log_on_failure     += USERID
}

for clients, that doesn`t support ssl you must make a tunnel on client
side. The best choice IMHO is fetchmail, that support ssl fine.

If you wanna to setup a postfix with sasl look at http://www.mandrakesecure.net/

You  can  also  use gnupg or openssl s/mime to secure messages without
have  a problem to secure a server. It is much more simple to you, but
is a headache for your users.

Sorry for poor english :)

-- 
 CEBKA                          mailto:CEBKA@smtp.ru