I am a Network Admin trying to prove to my Manager that by enabling IMAP will not impose any great security risks. Currently we only utilize SMTP and x.400 for email transport. He is a paranoid man and absolutely refuses to use pop3 or IMAP with Exchange. I need IMAP turned on within our exchange server to enable another local server to send/receive email for a CRM app.
Can anyone give me some ammo to enlighten my Manager on IMAP security.