While I know how to create a secure POP3 server after looking at the web site @ http://support.microsoft.com/kb/319273 on securing a POP3 server, I'm still not sure how to deploy this secure POP3 virtual server with existing mailbox user accounts in Active Directory. Once the secure POP3 server is successfully created in Exchange, do I need to create an exchange mailbox on the appropriate server by selecting the newly created secure POP3 server from the drop down list box in ADUC properties section for the particular mail user account that is going to use it? Is it possible to enable a mailbox user account to use both the default POP3 virtual server and the newly created secure POP3 server. In other words, could a user use the default POP3 server to send email generally to everybody and use the secure POP3 server to send encrypted email over a SSL connection to a small group of people that are also enabled to use this secure pop3 server. If possible, how could this be set up? Finally, as regards to creating a secure POP3 virtual server for PKI implementation, is it necessary to install a signing certificate on the client PC from a CA in order to encrypt messages using Outlook?; and must this same certificate be copied or exported to the recepient for the purposes of decryption? In the http://support.microsoft.com/kb/319273 article it mentions that the secure password authentication check box should be enabled in the client PC. Does this mean that everytime the client user authenticates with the secure POP3 server, it must enter its domain user/password credentials for the mailbox? Alternatively, could a SSL certificate be used instead for authenticating rather than having to enable secure password authentication? - thereby eliminating the need to enter domain credentials everytime while still maintaining security at the client authentication stage. I would appreciate any response to my questions on securing a pop3 virtual server. Thanks Martin
