Hello.
I configured courier-imap-ssl and decided to test it:
$ openssl s_client -tls1 -connect mail.example.com:993
CONNECTED(00000003)
depth=0 /CN=mail.example.com
verify error:num=18:self signed certificate
verify return:1
depth=0 /CN=mail.example.com
verify return:1
---
Certificate chain
0 s:/CN=mail.example.com
i:/CN=mail.example.com
---
Server certificate
[snip]
subject=/CN=mail.example.com
issuer=/CN=mail.example.com
---
No client certificate CA names sent
---
[snip]
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
[snip]
Compression: 1 (zlib compression)
[snip]
Verify return code: 18 (self signed certificate)
---
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE
THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL
ACL2=UNION] Courier-IMAP read. [snip]
I have several questions:
1. What does AUTH=PLAIN mean? Does it mean that my login/password will
be sent in plain text? Is there an explanation of the above output?
2. Why does it use AES256-SHA? Is it secure? I'm using an RSA key, but it
isn't listed. Why?
For example (Postfix is using the same key/cert file):
$ openssl s_client -starttls smtp -connect mail.example.com:25
[snip]
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
3. Is it possible to enable DHE-RSA-AES256-SHA in Courier? How?
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Courier-imap mailing list
Courier-imap@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
