I understand. There's two things you need to consider about how your mail is handled and who might be able to see it:
1. In incoming.pl or webmail.cgi, the program will connect to a pop box, and retrieve your mail to be stored on the server. If your pop box is on a remote machine, then someone could intercept it there (this is advanced stuff though, and all email suffers from this). If the pop box is on the same machine as the scripts, then it never goes onto the internet.
2. When you log in to Gossamer Mail and view your mail, that information is transferred from the web server to your computer, and people could view it in between.
Now, the solution for 2 is easy. Just use a SSL server, i.e. go to:
https://yoursite.com/cgi-bin/webmail.cgi
to view your mail and all information transferred in between would be encrypted.
The solution to 1 is more difficult and would require setting something up on the remote server as well as on the web server. Most people seem to have the pop box on the local machine, so I'm not sure if it's worth it.
Hope that helps,
Alex
--
Gossamer Threads Inc.