IMAP Security Concerns
I am a Network Admin trying to prove to my Manager that by enabling IMAP will not impose any great security risks. Currently we only utilize SMTP and x.400 for email transport. He is a paranoid man and absolutely refuses to use pop3 or IMAP with Exchange. I need IMAP turned on within our exchange server to enable another local server to send/receive email for a CRM app.
Can anyone give me some ammo to enlighten my Manager on IMAP security.
Can anyone give me some ammo to enlighten my Manager on IMAP security.
Well FYI for your boss outlook and exchange use a Microsoft imap creation to communicate. but on to your question. Will imap be available outside of the firewall? will the CRM app be authenticating to the domain to recieve imap access? Are you using MS Server 2003 for the base of your exchange environment?
Outlook and exchange use MAPI for communications.
If you really want to use IMAP or POP3, why dont you enable either using SSL?
If you really want to use IMAP or POP3, why dont you enable either using SSL?
Is this CRM app on a server inside the network? If so, enable IMAP and just don't forward a port from the firewall - there is little real danger of enabling it internally only...
ASKER
ntrlsur:
Answersw to your questions:
Will imap be available outside of the firewall? No
Will the CRM app be authenticating to the domain to recieve imap access? No
Are you using MS Server 2003 for the base of your exchange environment? yes
I even plan on using IP filtering to restrict IMAP traffic to only the CRM server.
Answersw to your questions:
Will imap be available outside of the firewall? No
Will the CRM app be authenticating to the domain to recieve imap access? No
Are you using MS Server 2003 for the base of your exchange environment? yes
I even plan on using IP filtering to restrict IMAP traffic to only the CRM server.
Using IP filtering and keeping the port closed at the router is secure enough.
If it does not authenticate, how is it going to enumerate a folder structure?
If you have security concerns on your network, use IMAP/SSL
If you dont have security concerns, use IMAP
If you have security concerns on your network, use IMAP/SSL
If you dont have security concerns, use IMAP
you should be fine then. Filter the ip to just the crm app and you should not have any problems.
ASKER
Sorry, it does authenticate. I had to setup a CRM email account to store messages.
ASKER
I am looking for technical references that will prove my point that using IP filtering with IMAP will be secure enough.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Dont worry about IP filtering, just use IMAP/SSL...does not get much more secure than that.
How did you go with this?
>>I am looking for technical references that will prove my point that using IP filtering with IMAP will be secure enough.
Close the IMAP port to the world - you can't beat that security, and the boss can't question it; it is closed.
Close the IMAP port to the world - you can't beat that security, and the boss can't question it; it is closed.
ASKER
My manager is a type of manager that was looking for some technical documentation proving our point of using ip filtering. My ultimate goal was to flood him with documentation proving my point.
ASKER