Re: [Exim] Secure email->Webmail transaction question

Greg Webster wrote:

> - The outgoing mailserver takes the client-id, matches it to an email
> address, sends a notification to the client that an email is waiting for
> them at a https secured webmail software. It dumps the email in a mailbox
> for the client to access

Keep in mind that SSL security on a web site (https) is one-way secure; only
data from the client to the web server is encrypted, I believe. The data coming
back from the web server is unencrypted, which is why any good secure commerce
site never displays your credit card number back to you (at least not the
complete number).