Is MAPI a secure protocol -- i.e. can it be used from a wireless hotspot and connect to a ZCS server without usernames, passwords, and data being compromised?

I currently have email being sent with TLS SMTP on port 465, and S/POP for retrieving email. If I go the ZCS route, I'm trying to figure out if I need to make remote users VPN in before checking email.