My thanks to y'all. I've learned the following from your responses, and my
own research:
- Outlook is a piece of shit, and doesn't support APOP
- Outlook's "Use Secure Password Authentication" checkbox uses SASL with
some proprietary MS mechanism related to NT authentication
- My qpopper is working fine, but doesn't really support any SASL mechanisms
yet.
- SSL transport layer security will provide the secure pop and imap
authentication that I need for all my users wether they use Netscape,
Outlook, or Eudora. I'm going to give OpenSSL with stunnel a try.
- I don't really want to learn about certificates and all that SSL entails,
but Outlook is a piece of shit, and doesn't support APOP.
- If all my users used Eudora, I could use APOP.
- People like Outlook, and will switch when I pry it from their cold, dead
fingers.
Muchas Gracias,
Corin Royal Drummond
Sysdemin
Savage Beast Technologies
-----Original Message-----
From: Ken Hornstein [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 19, 2000 10:14 AM
To: Subscribers of Qpopper
Subject: Re: APOP Help: Server gives no valid SASL mechanisms
>I'm bugged by qpopper. I've compiled it, and installed the recent 3.1 beta
>RPM (from rpmfind.net) for RedHat 6.2. The server responds nicely using
>user/pass authentication, but won't do APOP.
>
>Examining the debugging logs ("-t" cmd line flag) reveals that when Outlook
>2000 says "AUTH" qpopper responds "+OK Following are Support SASL
>mechanisms". Problem is, it doesn't provide such a list. Outlook gets so
>frustrated by qpoppers obvious duplicity in this matter that the next thing
>it says is "QUIT".
I think you're confused. APOP doesn't have anything to do with SASL
(which is what uses the AUTH command). There's a separate APOP command
for doing APOP authentication. It sounds like Outlook wants to do
SASL authentication (which I think there's some rudimentary support for
in qpopper, but I have no idea how well it works).
--Ken
