Hi. I have set up sendmail to work, but I use it only through local network, or openssh (putty). And I am a bit paranoid about security, and heard POP send the username / password as plain text, making it as insecure as ftp and telnet, and vulrunable for sniffers. And once they have the username / password they can simply log into the machine using ssh, install some root password finding software, and then my machine is screwed... Right?
But now my brother wants to use the domain name / mail server (lives in different town, and uses MS Outlook Express, so I guess it must be pop or IMAP then?). Does it exist something that I can add to sendmail to make it as secure as ssh and putty, but still so fleksible that my family can easly install it on their windows computers .(and not cost a thing
I read from these forums that Qmail is suppose to be the secure mail application, but does it encrypt username / password? Will it be the weak link of my system? (only have port 80 (web) and port 22 (ssh) open).
Can I install putty on their machines, and somehow "tunnel" the mail information to MS outlook using ssh?
Or is my best bet to get a old retired machine from work or something, and set it up with linux and qmail, and seperate it from my main linux machine thourgh a local firewall (Guess this would be best, but my partner will kill me if I drag another rusty machine in the house).