In article ,
no_replies@verizon.com says...
> Has anyone here tried (an willing to share
> opinions) on Securenym (securenym.net) and/or
> Co-Mail (co-main.com). Our group has been using
> pgp for 6+ years but we want to add a solution
> which also encrypts transmission of passwords,
> etc. to our isp's and doesn't reveal subject
> lines, etc.
>
> Thanks.

As to the transmission of passwords, I'm guessing that you're talking about
the password that your systems use to login to the POP3 server at the ISP?
(sounds like your e-mail boxes are hosted at an ISP?)

That attack vector could be fixed using SSH or a more secure version of POP3
(I think there's an encrypted POP3 port?). But either your current ISP
would need to provide the service, or you'll have to shop around for an ISP
that does.

The other option, of course, would be to maintain your own mail server where
e-mail between others within your group would never leave the mail server
and you would have control over using SSH, or the other more secure e-mail
protocols.

"Toshi1873" wrote in
message
news:MPG.1a653da217159a2f989731@news-50.giganews.c
om...
> In article
,
> no_replies@verizon.com says...
> > Has anyone here tried (an willing to share
> > opinions) on Securenym (securenym.net) and/or
> > Co-Mail (co-main.com). Our group has been
using
> > pgp for 6+ years but we want to add a solution
> > which also encrypts transmission of passwords,
> > etc. to our isp's and doesn't reveal subject
> > lines, etc.
> >
> > Thanks.
>
> As to the transmission of passwords, I'm
guessing that you're talking about
> the password that your systems use to login to
the POP3 server at the ISP?
> (sounds like your e-mail boxes are hosted at an
ISP?)

That's correct. I should have mentioned that we
are a "virtual company" with our employees all
working their own office or homes. Mostly, they
use either dsl from the local telco or cable
modem.

> That attack vector could be fixed using SSH or a
more secure version of POP3
> (I think there's an encrypted POP3 port?). But
either your current ISP
> would need to provide the service, or you'll
have to shop around for an ISP
> that does.

The two companies I mentioned above do that, and
at least Co-Mail says it will run a "virtual
mailserver" with the same encryption features.
Couple of our people have been using Mutemail, but
find that way too much mail is being blocked (in
particular by AOL). At least with my "ordinary"
isp, I get a notice if my mail doesn't go through.
Mutemail has been totally unresponsive: they don't
even reply to inquiries to their support. Hence we
are shopping for an alternative.
>
> The other option, of course, would be to
maintain your own mail server where
> e-mail between others within your group would
never leave the mail server
> and you would have control over using SSH, or
the other more secure e-mail
> protocols.

If we ran our own mailserver, would it also be
easy also for outsiders to send us mail using SSH?
(I would guess not because they are still going
through their own isp's and I don't think we want
to start having customers and suppliers using our
mailserver.)

Thanks again for your help and suggestions.
Bill
>
>

bill wrote:
> "Toshi1873" wrote in
> message
> news:MPG.1a653da217159a2f989731@news-50.giganews.c
> om...
>> In article
> ,
>> no_replies@verizon.com says...
>>> Has anyone here tried (an willing to share
>>> opinions) on Securenym (securenym.net) and/or
>>> Co-Mail (co-main.com). Our group has been using
>>> pgp for 6+ years but we want to add a solution
>>> which also encrypts transmission of passwords,
>>> etc. to our isp's and doesn't reveal subject
>>> lines, etc.
>>>
>>> Thanks.
>>
>> As to the transmission of passwords, I'm
> guessing that you're talking about
>> the password that your systems use to login to the POP3 server at
>> the ISP? (sounds like your e-mail boxes are hosted at an ISP?)
>
> That's correct. I should have mentioned that we
> are a "virtual company" with our employees all
> working their own office or homes. Mostly, they
> use either dsl from the local telco or cable
> modem.
>
>> That attack vector could be fixed using SSH or a more secure version
>> of POP3 (I think there's an encrypted POP3 port?). But either your
>> current ISP would need to provide the service, or you'll have to
>> shop around for an ISP that does.
>
> The two companies I mentioned above do that, and
> at least Co-Mail says it will run a "virtual
> mailserver" with the same encryption features.
> Couple of our people have been using Mutemail, but
> find that way too much mail is being blocked (in
> particular by AOL). At least with my "ordinary"
> isp, I get a notice if my mail doesn't go through.
> Mutemail has been totally unresponsive: they don't
> even reply to inquiries to their support. Hence we
> are shopping for an alternative.
>>
>> The other option, of course, would be to
> maintain your own mail server where
>> e-mail between others within your group would never leave the mail
>> server and you would have control over using SSH, or the other more
>> secure e-mail protocols.
>
> If we ran our own mailserver, would it also be
> easy also for outsiders to send us mail using SSH?
> (I would guess not because they are still going
> through their own isp's and I don't think we want
> to start having customers and suppliers using our
> mailserver.)
>
> Thanks again for your help and suggestions.
> Bill

If you run your own mail server, which wouldn't be too difficult/expensive
then bring all your users in on VPN would that solve your problem ?

--

Alan