On Mar 5, 2006, at 23:48 , Mark Crispin wrote:
On Sun, 5 Mar 2006, BuildSmart wrote:Sorry, I should have looked a little closer at the Makefile and read the changes to see thet the defualt was changesd to 'SSLTYPE=nopwd'That is the standard build, as required by RFC 3501.Using 'SSLTYPE=none' gave me my working build but I was wondering if SSL/TLS support is still available with this build method???That builds without SSL entirely; which is non-complaint with RFC 3501 and VERY insecure.Is it possible to have both methods available in a single binary???If, by this, you mean building with SSL support, but allowing insecure logins without the use of SSL, that is done by SSLTYPE=unix.However, I recommend that you use the standard SSLTYPE=nopwd. Every client in the past several years has supported SSL and/or TLS.
I'm sorry if I'm starting to sound like an idiot but I am having a hard time with understanding the documentation.
I can agree that most mail apps I've looked at have some checkbox for SSL encryption which also changes the port to communicate on.
I have an app set up that sends the password to retrieve mail to be read (no clue what format, only that it works), when I build with the nopwd option I can no longer retrieve e-mail.
When I try "telnet loalhost 993" it refuses connection (obviously not set to watch this port).
I have no issues with using SSL options to hide plain-text passowrds but pam_mysql expects the password to be plain-text when it processes it.
Forcing only SSL connections for mail is probably a good idea however the instructions for making it work are unclear to me, I understand drag and drop and it works but if I build with SSLTYPE=unix it's no longer drag and drop and I couldn't find simple explanations in the documentation to make it work.
My issue is probably more of configuration than anything else and what I do know is I have a /etc/xinet.d/imapd file with the following content:
service imapd
{
disable = no
type = unlisted
socket_type = stream
protocol = tcp
wait = no
user = root
groups = yes
server = /usr/libexec/imapd
port = 143
}
Aside from the port change, what else do I need to change to get mail
working again?
What is required to have both SSL and non-SSL capabilities? Will I need 2 files or can it be done in the existing file?
-- Mark --
-- Dale _______________________________________________ Imap-uw mailing list [email protected] https://mailman1.u.washington.edu/mailman/listinfo/imap-uw
