Ask the Expert

What about using SSL VPN with e-mail clients?

I am interested in using SSL VPN with e-mail clients (Eudora, Outlook etc.). I can configure the e-mail client to send traffic over SSL to the e-mail server. But can I just relay e-mail over the SSL VPN, without reconfiguring the e-mail client? Can I use the SSL VPN as a redirector, and have it redirect traffic on standard ports (110 and 143) to SSL-enabled ports (993 and 995)? Is there a way to minimize e-mail client configuration and have the SSL VPN do the work?

    Requires Free Membership to View

Different SSL VPN products work in different ways. Some SSL VPN products proxy incoming SSL sessions to native protocol sessions with internal servers. Other SSL VPN products use SSL as a generic tunneling protocol, port-forwarding anything that arrives over the tunnel to the internal server. Your ability to use native applications and ports depends on the type of SSL VPN product that you use.

For example, if you're using an SSL VPN proxy, it may not be designed to support native e-mail client applications at all. Instead, it may be necessary to use a web portal interface to reach your e-mail server through the SSL VPN gateway. In this case there is no e-mail client reconfiguration necessary -- you simply use your browser as your e-mail client. The SSL VPN gateway is then configured to send e-mail to the port your e-mail server expects -- that is, the gateway can send plain old POP3 (110) and IMAP (143), or you can send POP3S (995) and IMAPS (993).

If you're using an SSL VPN that port-forwards native protocols over SSL, you'll probably need to reconfigure your e-mail client to send outbound traffic to localhost instead of the destination e-mail server. The SSL VPN agent running on the local host will intercept e-mail traffic and forward it over the SSL tunnel. Upon receipt, the SSL VPN gateway will forward that e-mail traffic on towards the e-mail server. In this case, whatever port the e-mail client sends traffic through will be the port the e-mail server receives traffic on.

This was first published in March 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: