"David P. Lurie" <DavidPLurie@discussions.microsoft.com> wrote in message
news:20A2317C-C1E2-4F92-BAE1-CFEFDE47A800@microsoft.com...
> W2K3S Standard
>
> Is there any way to encrypt POP3 data with the standard POP3 server?
>
> Currently use email and perform file transfers internally on the LAN, plus
> two sites connected via VPN. Would like to eliminate the VPN, replacing
> with
> SSL-encrypted WebDAV for file transfers and TLS-encrypted email.
>
> I installed Certificate Services, and used the Certificate Wizard to
> generate certificates for the server's web site and TLS for the virtual
> SMTP
> server.
>
> WebDAV works nicely as expected from either IE6 (opened as web folder) or
> Add A Network Place.
>
> The SMTP docs suggest that enabling TLS by requiring a secure channel and
> using 128 bit encryption will encrypt outgoing email, but the POP3 server
> docs and manager only describe encryption for the logon process (SPA with
> AD
> integrated authentication used).
>
> I enabled TLS, then changed the email account settings (advanced) for SMTP
> in Outlook 2003 for my account to "This server requires an encrypted
> connection (SSL)", as no TLS option. This works, although I thought that
> TLS
> was similar, but different than SSL 3. Requiring encryption for the POP3
> server fails, as expected.
>
> That leaves half of the transmissions unencrypted. Why only have outgoing
> encryption?
>
> Is there a way to encrypt POP3 on the server that I overlooked, or is the
> only way to get secure email going to be for each client to get a S/MIME
> certificate for the email account and encrypt the messages prior to
> transmission?
>
> Thanks
>