How secure is MAPI?

Is MAPI a secure protocol -- i.e. can it be used from a wireless hotspot and connect to a ZCS server without usernames, passwords, and data being compromised?

I currently have email being sent with TLS SMTP on port 465, and S/POP for retrieving email. If I go the ZCS route, I'm trying to figure out if I need to make remote users VPN in before checking email.

Outlook uses MAPI to talk with our MAPI provider. Over the wire our MAPI provider uses SOAP/HTTP(s). If you use SSLyou won't need VPN.

Thanks, that's exactly what I needed to know.