Secure Web Based Mail Services
The Basics of Web Mail
Most Web mail systems are designed using a multi-tiered architecture. Usually, a Web server serves as a reverse proxy to a backend e-mail server that actually services the user's mail requests. Most Web mail systems use a separate database to store the mail, versus the user authentication information.
User Authentication can be done by using authentication protocols native to the mail server O/S or 3rd party authentication methods such RADIUS or SecureID.
By using a set of stored procedures and scripts, the Web server formats the user HTML requests so that the back end e-mail server can serve up mail. The usual backend mail server includes Microsoft Exchange, Netware Mail, or Lotus Notes. Each of these systems includes a Web mail service that uses default the ports of 80 for HTTP and 443 for HTTP/SSL. Most Web mail policies require the use of HTTP over an encrypted channel such as Secure Sockets Layer (SSL) or Secure Shell protocol (SSH). In rare cases, the IP security (IPSec) is used as the secure communication channel for Web mail systems.
The link for this article located at ebcvg.com is no longer available.