I have been running SSLwrap with qpoper for serveral months
without any problems. I have RedHat 6.2.
I installed the following RPM modules:
openssl-0.9.5a-1.i386.rpm
sslwrap-2.0.5-3.i386.rpm
I wanted to discourage plain text logins for security reasons,
and I have both Eudora and Outlook users. Eudora only does APOP
while Outlook only does SSL (and other methods that qpopper does
not seem to support). The solution that I have found that works so far
is to run qpopper on two ports. The normal pop-3 port is configured
for APOP only. I then run SSLwrap on the spop-3 port and send the
input/output to qpopper running on a nonstandard port, which accepts
plain text logins. I have listed my inetd.conf entries below. I am still
wondering what happens when both Eudora and Outlook connect at the
same time - if there will ever be conflicts such as both qpopper processes
trying to use the same temporary files, hmm?
pop-3 stream tcp nowait root /usr/sbin/tcpd in.qpopper -p 1
765 stream tcp nowait root /usr/sbin/tcpd in.qpopper -p 2
spop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/sslwrap
-cert /usr/local/ssl/certs/server.pem -port 765
>
>Hello to all,
>
>Does anyone use sslwrap with qpopper? I like to know if this is the best way
>to make a secure POP3 conection.
>
>Thanks very much,
>
>Nuno Teixeira
>
Karl
