I finally managed to get qpopper running with SSL on 995 with the following options:
set debug set tls-private-key-file = '/etc/mail/certs/key.pem' set tls-server-cert-file = '/etc/mail/certs/cert.pem' set tls-support = alternate-port set clear-text-password = always Can someone clarify how authentication work with this setup? Specifically, is a secure connection first negotiated, and then password authentication takes place? Or is password authentication happening over a plain connection before SSL creates its layer? I don't want to be sending clear text passwords over the net if I can avoid it. With the above config, clear-text-password = always does not look to re-assuring even though tsl support is on. Thanks, Michael -----Original Message----- From: Randall Gellens [mailto:[EMAIL PROTECTED]] Sent: Friday, May 24, 2002 3:28 PM To: Sebastien Renard; Michael Caplan; Subscribers of Qpopper Subject: Re: Configuring Qpopper with SSL and APOP At 10:10 AM +0200 5/24/02, Sebastien Renard wrote: > > At 8:28 AM -0400 5/23/02, Michael Caplan wrote: >> > The goal that we are seeking is APOP authentication on port 110, and >> > TLS/SSL authentication on 995. I have been successful with configuring >> > Qpopper with APOP and TSL/SSL (I can connect with Eudora with APOP >> > authentication and TSL/SSL), but I can not get the two to work >> > exclusively. >> > > In the Qpopper running on port 110, set clear-text-password to never. >> In the Qpopper running on 995, set tls to alternate-port. > > There's two qpopper running ? With two entries in inetd.conf ? You need one instance of Qpopper per port. You configure each to behave as you want.
