Take the following into consideration... Given: * POP3 authentication is clear text * MS Exchange authenticates against NT/2000 user accounts
Therefore: * The POP3 username & password are the same credentials used to access network resources. * Compromised POP3 credentials will also compromise the entire domain. Conclusion: POP3 is a bad idea, even in a LAN. - Lee -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 23, 2002 4:00 PM To: [EMAIL PROTECTED] Subject: POP3 My users want me to to give them POP3 access via the firewall. We have an Exchange Server runnig with a Checkpoint Firewall. Are there any security issues that I need to watch out