test -----Original Message----- From: R. Damian Koziel [mailto:[EMAIL PROTECTED]] Sent: Friday, June 14, 2002 12:39 PM To: Subscribers of Qpopper Subject: Re: Difficulty with set-tls-support=stls...
Thanks! to all who responded to date but I'm still stumped. Here's the latest. (I took Norton AntiVirus out of the equation.) Not previously mentioned is that I've installed Andreas Maier's Solaris /dev/random package [http://www.cosy.sbg.ac.at] (Solaris 2.5.1 doesn't provide one natively.) o Rebuilt QPopper 4.0.4 (OpenSSL 0.9.6b 9 Jul 2001, gcc version 2.95.2, Solaris 2.5.1 'make') # rm config.cache; make clean; ./configure --enable-specialauth --enable-apop=/etc/pop.auth \ --enable-popuid=qpopper --with-openssl=/usr/local/ssl; make; make install o Added myself to APOP database: # /usr/local/sbin/popauth -user damian <passwd> o Verified APOP database addition: # /usr/local/sbin/popauth -list ALL damian : APOP # o Created /etc/mail/pop/qpopper.config: set tracefile = /etc/mail/pop/pop.log set tls-server-cert-file = /etc/mail/certs/CAcert.pem set tls-private-key-file = /etc/mail/certs/CAkey.pem o Added POP3 service to inetd.conf: pop3 stream tcp nowait root /usr/local/sbin/popper -l1 -f /etc/mail/pop/qpopper.config Outlook 2000 Settings: Incoming mail (POP3) Port: 110 This server requires a secure connection (SSL): ENABLED # Restarted inetd # Attempted POP3 connection from Outlook: /etc/mail/pop/pop.log shows: [29510] Set tls-server-cert-file to "/etc/mail/certs/CAcert.pem" [29510] Set tls-private-key-file to "/etc/mail/certs/CAkey.pem" [29510] (null) at adsl-63-197-28-194.dsl.snfc21.pacbell.net (63.197.28.194): -ERR Unknown command: "a". [29510] (null) at adsl-63-197-28-194.dsl.snfc21.pacbell.net (63.197.28.194): -ERR POP EOF or I/O Error Question: What is it trying to do when it reports "Uknown command: "a"" (or "b" or just plain garbage)? [29510] (null) at adsl-63-197-28-194.dsl.snfc21.pacbell.net (63.197.28.194): -ERR Unknown command: "a". R. Damian Koziel And of course 'ssldump' continues to complain: Do I have a SSL compatibility problem? New TCP connection #9: talos(1516) <-> mail.xidak.com(110) 9 1 0.0087 (0.0087) C>S SSLv2 compatible client hello Version 3.1 cipher suites Unknown value 0x8f8001 Unknown value 0x800003 Unknown value 0x800001 Unknown value 0x810001 Unknown value 0x810003 Unknown value 0x820001 TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x830004 Unknown value 0x848040 SSL2_CK_RC4 SSL2_CK_3DES SSL2_CK_RC2 TLS_RSA_WITH_DES_CBC_SHA SSL2_CK_DES TLS_RSA_EXPORT1024_WITH_RC4_56_SHA TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA TLS_RSA_EXPORT_WITH_RC4_40_MD5 TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Unknown value 0x830004 Unknown value 0x842840 SSL2_CK_RC4_EXPORT40 SSL2_CK_RC2_EXPORT40 Unknown SSL content type 43 9 0.0451 (0.0364) C>S TCP FIN 9 2 0.0473 (0.0021) S>CShort record Unknown SSL content type 45 9 3 0.0479 (0.0006) S>CShort record -+-+ End -+-+
