I've deleted the pop.auth (APOP secured users database file) file altogether - it wont be needed anyway and to prevent such future incidents... .
Boaz
Miki Shapiro wrote:
Aha! found the problem.
Layer5 encryption in SSL is NOT APOP. so I removed bobo, my test user, from the APOP database and tried again.... And Voilla! it works :-)
Thanks!
On Mon, 1 Sep 2003, Miki Shapiro wrote:
Okay, this is something I spent all last night trying to work.
I did everything as it says here (build openssl, build qpopper with relevant configure options, opened my own cert authority, generated a certifiacte, add it to the cert.pem file, etc.
When I log in using OE, OE says "securing", gives me the message that my CA is not trusted, I accept, then it says "authenticating..." and fails miserably, and qpopper says:
Sep 1 12:45:56 pharoe qpopper[85775]: bobo at 127.0.0.1 (127.0.0.1): -ERR [AUTH] You must use stronger authentication such as AUTH or APOP to connect to this server Sep 1 12:45:56 pharoe qpopper[85775]: I/O Error Sep 1 12:45:56 pharoe qpopper[85775]: bobo at 127.0.0.1 (127.0.0.1): -ERR POP EOF or I/O Error
(on OE6, "Log on using Secure Password Authentication" is not checked, "This server requires a secure connection (SSL)" is checked.
If I check the former in, I get the same error minus the first line (the one that points out it wants either APOP or AUTH authentication).
Ideas? Help?
On Mon, 1 Sep 2003, Boaz Rymland wrote:
I've invistaged this not long ago. AFAIK, APOP is a good method to get privacy as far as POP3 comm is concerned, but APOP is supported by too little mail clients, mostly Eudora email client (the same company that produces/finances... QPopper). AFAIK, unforutnately, NO APOP support in outlook :-( (why add support when we monopolize the market???).
I'm using qpopper + SSL. See the following guides/information pages:
http://www.networkcomputing.com/1018/1018ws2.html (OLD, but informative) http://slowest.net/docs/howtos/mail/qpopper-ssl.html (QPopper + SSL "tutorial" guide)
all in all - it works for me like a charm with the winblows clients outlook, outlook express. See in their configuration windows the palce to set the POP server to use SSL (a check box).
good luck, Boaz.
Miki Shapiro wrote:
1. I have a ~20 user pop3 mail system. I don't want passwords out in the open. I run qpopper 4, which supports APOP, and AFAIK does not support SPA.
2. My users use Outlook or OE. said clients support SPA, and do not support APOP. Yes, I am aware SPA is not the most secure thing in the world, and that it's NT LM 1.0-based, but I can't change the clients.
Suggestions? (qpopper modules? alternate secure & worthwhile pop3 servers?)
Thanks!
Miki
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
