Thread: Newbie setting up a pop server
View Single Post

  #3 (permalink)  
Old 06-24-2003
Kenneth A Kauffman
 
Posts: n/a
Default Re: Newbie setting up a pop server

"Nico Kadel-Garcia" <nkadel@verizon.net> wrote in message
news:_IXJa.2763$QN3.1357@nwrdny03.gnilink.net...
> Barry wrote:
>
> > Hello All,
> >
> > I am seeking advice in setting a secure pop server. My goal is
> > to have no clear text transmission and also a secure transfer from
> > client to server and server to client. I am currently running redhat 9
> > and have this layout in mind. I would have qpopper as the server (or
> > the default server for redhat which I think is ipop3d?), and use a
> > stunnel wrap to enycrpt my pop3 port (995), which uses the openssl
> > library from what I read. Now for the questions.
>
> Don't bother. The wu-imapd based imap distribution in RedHat 9 includes
> ipop3d, which incorporates SSL compatibility directly into the daemon.
> Just run "chkconfig pop3s" and "service xinetd restart", and you should
> be up and running.
>
> > First off I am not sure what the difference between qpopper and the
> > default ipop3d? Is there an conflict with ipop3d and openssl? Next are
> > there any security flaws in my layout, or maybe complications/
> > conflictions with these programs?
>
> Just that you're adding new components that you don't need to do a job
> that is already more easily accomplished. Mind you, there are other
> reasons to dislike the wu-imapd, but those are mostly IMAP reasons
> involving where it thinks your email is stored.
>
> > Lastly is the reason for qpopper instead of ipop3d because qpopper
> > supports APOP which can be used to encrypt user passwords??
> > Any help would be great, I am very confused.
> > Thanks in advance
> > -Barry
>
> I'm not sure why you want qpopper. Try pop3s and see if it works.
>

FYI:

Recompiling from source is necessary in RH9 if you are going to use
SquirrelMail as a webmail interface. AUTH=LOGIN needs to be enabled for
Squirrely to work. Make sure you have OpenSSL installed.

The simplest solution is change SSLTYPE to:

SSLTYPE=unix

and compile using

make lnp

The reason I mention this is you can ALSO change where WU thinks your mail
is by modifying <pathtocode>/src/osdep/unix/env_unix.c from

static char *myMailboxDir = NIL to static char *myMailboxDir = "mail"

or whatever.

Then add this default directory to /etc/skel for new users.

You IMAP folders will then exist in ~/mail

ken k


Reply With Quote