At 6:30 AM -0400 9/22/00, Karl Hoppel wrote:
> I have been running SSLwrap with qpoper for serveral months
> without any problems. I have RedHat 6.2.
> I installed the following RPM modules:
>
> openssl-0.9.5a-1.i386.rpm
> sslwrap-2.0.5-3.i386.rpm
>
> I wanted to discourage plain text logins for security reasons,
> and I have both Eudora and Outlook users. Eudora only does APOP
> while Outlook only does SSL (and other methods that qpopper does
> not seem to support).
Eudora will support SSL in a post-5.0 release.
> The solution that I have found that works so far
> is to run qpopper on two ports. The normal pop-3 port is configured
> for APOP only. I then run SSLwrap on the spop-3 port and send the
> input/output to qpopper running on a nonstandard port, which accepts
> plain text logins. I have listed my inetd.conf entries below. I am still
> wondering what happens when both Eudora and Outlook connect at the
> same time - if there will ever be conflicts such as both qpopper processes
> trying to use the same temporary files, hmm?
There should be no problem, since any additional Qpopper process
will detect that another process owns the temp drop. It really
doesn't matter if they are running on the same or different ports.
>
>
> pop-3 stream tcp nowait root /usr/sbin/tcpd in.qpopper -p 1
>
> 765 stream tcp nowait root /usr/sbin/tcpd in.qpopper -p 2
>
> spop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/sslwrap
> -cert /usr/local/ssl/certs/server.pem -port 765
>
>>
>>Hello to all,
>>
>>Does anyone use sslwrap with qpopper? I like to know if this is the best way
>>to make a secure POP3 conection.
>>
>>Thanks very much,
>>
>>Nuno Teixeira
>>
>
>
> Karl
