Solved

Is POP access to email secure?

Posted on 2014-04-17
4
275 Views
Last Modified: 2014-04-23
I am trying to understand the reasons behind organizations using Exchange not wanting to support POP or Secure POP access to the Exchange server. I know of several LOB type apps that integrate with email via secure pop. Some companies do not allow this because they claim that pop and secure pop is not secure.

I would appreciate some clearer understanding of the security implications of the use of secure pop and determine if this is something that companies do not allow for a real reason or just because they do not want to support / enable it on their exchange server.

Thanks
0
Comment
Question by:ckelsoe
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 500 total points
ID: 40007427
S/POP is secure, by definition.  I see one of two answers here:

1) Enabling access to POP or S/POP means opening additional ports in the firewall, which are vectors for attack, and/or

2)  POP and S/POP are dated, and much more functionality can be found in IMAP and/or SMTP.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40007474
Exchange servers have more to offer than just email. It is a groupware server, with which you can do much more. The pop protocol only supports mail, nothing else, and you really only have the inbox folder available. Also, with pop you need to download eveything to your PC, while with imap or Exchange's mapi, everything stays on the server and so is centrally stored and backed up, and local downloads to the PC are only something you can do if you want to.

So if you want the full functionality of exchange, you can forget pop.
0
 

Author Comment

by:ckelsoe
ID: 40007482
I understand the purpose and functionality of exchange. I am trying to understand the reasons an exchange admin would not enable secure pop access so specific lob apps that needs access to email accounts to receive and process workflow task. The reason admins claim that they will not enable pop is because of security concerns. I am trying to understand what the security concerns are that they are claiming since they do not seem to be able to explain it themselves.
0
 
LVL 14

Expert Comment

by:Monis Monther
ID: 40007685
The only reason that I can think of is that the messages are downloaded from the server and no longer exist for auditing and monitoring. Also they cannot be archived if they are deleted from the server. These are security issues.

Other than that s/POP is secure as a Mail Delivery Mechanism.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
how to add IIS SMTP to handle application/Scanner relays into office 365.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question