July 14th, 2005, 09:49 PM
Secure Email Ideas Anyone?
I'm trying to gather some ideas for an email solution between customers and our representatives. Basically, we are trying to find a solution that will enable our representatives and customers to communicate securely over the Internet, without providing them a legitimate routable email address.
I thought maybe I could find a web app that would allow me to use SSL over HTTP to deliver a message and allow them to reply to their representative, but I can't seem to locate such a product.
The only thing I really do not want them (the customer) the ability to do is to send emails to other people using the account, which means most of the standard webmail apps wouldn't work for this type of application.
Anyone have any ideas?
July 14th, 2005, 11:07 PM
I believe you can use exchange and just not give the server any other outbound path aside from the intended recipieant server. Or have all users on a single server and give it no other option as to where to look for an outside email address. Just point all routes for SMTP back at the server. Once the message sends out the SMTP with an invalid (outside) address it will be bounced back saying "unknown user"
July 15th, 2005, 02:44 AM
The way I see it you have two options..
You must have an MTA and either a pop3 or imap server, from there your options differ.
A.) You will need an MTA that supports smtps, and either an imaps or pop3s service, this is the likely scenario if you want to have them connecting using their own client e.g. Outlook or Thunderbird.
B.) If you want to go the web based route you can integrate a web based service on top of your MTA/MTC server and just run that local process all over an SSL based webserver. This method is in my opinion significantly less hassel as you have less interaction with the users, always a plus in my book. Upon connect to your https:// your users will get a box warning them of incorrect verification, if you self sign your key.
If it were me setting it up, these would be the options I would go with, pick your own poison though....
OpenBSD http://www.openbsd.org offers a sendmail(MTA) solution that by default only allows local connections.
OpenBSD also comes with a pop daemon, and Squirrelmail available from http://www.squirrelmail.org Also, you'll have to turn on SSL for the apache webserver.