Re: [courier-users] Running three instances of imapd
Jon, I think you didn't understand what I wrote. Let me make a drawing: ClientServer --- imap --- imapd with STLS (xxx.xxx.xxx.xxx:143)--- mail --- pop3 --- pop3d with STLS (xxx.xxx.xxx.xxx:110) --- mail --- imaps --- imapd-ssl (xxx.xxx.xxx.xxx:993) --- mail --- pop3s --- pop3d-ssl (xxx.xxx.xxx.xxx:995) --- mail --- https --- apache with mod_ssl (webmail) (xxx.xxx.xxx.xxx:443) --- imap --- imapd without STLS (127.0.0.1:143)--- mail Every connection from the outside clients must be secure, but there is no need for this requirement for local connections from webmail client to localhost. I'm *forcing* imapd to accept only secure connections. If webmail is to use imap i have two alternatives: use a secure connection of existing imap server (more unecessary overhead), or i can lauch another imap server without security on localhost to serve only webmail connections. Thanks Miguel Cabeça - Original Message - From: Jon Nelson [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 09, 2003 5:35 PM Subject: Re: [courier-users] Running three instances of imapd On Thu, 9 Oct 2003, Miguel Cabeça wrote: Jeff, By local webmail I mean: the webmail server is the same as the mail server. No, I'm not talking about sqwebmail. I use Horde/Imp that makes imap connections to localhost (127.0.0.1). Those connections don't need to be encrypted. The webmail is accessed via https only. Ah, but *can* they be encrypted. If so, just do it that way and be done with it. Why make life more complicated? -- Democracy is two wolves and a sheep voting on what to have for dinner. Liberty is two wolves attempting to have a sheep for dinner and finding a well-informed, well-armed sheep. Jon Nelson [EMAIL PROTECTED] C and Python Code Gardener --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Running three instances of imapd
Jon, ClientServer --- imap --- imapd with STLS (xxx.xxx.xxx.xxx:143)--- mail --- pop3 --- pop3d with STLS (xxx.xxx.xxx.xxx:110) --- mail --- imaps --- imapd-ssl (xxx.xxx.xxx.xxx:993) --- mail --- pop3s --- pop3d-ssl (xxx.xxx.xxx.xxx:995) --- mail --- https --- apache with mod_ssl (webmail) (xxx.xxx.xxx.xxx:443) --- imap --- imapd without STLS(127.0.0.1:143)--- mail I suggest the first alternative. Why is that so hard? These are not alternatives! I have them all available to the users. Miguel --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Running three instances of imapd
Hello there,
I wish to have the following setup:
o imapd running on IP xxx.xxx.xxx.xxx port 143 wich accepts only
STARTTLS connections
o imapd-ssl running on ip xxx.xxx.xxx.xxx port 993 wich accepts only
(of course) secure connections
o imapd running on port 127.0.0.1 port 143 wich accepts nonsecure
connections (local webmail)
I think that this is not possible out of the box. I know I can have
couriertcpd running on multiple port numbers like so:
PORT=xxx.xxx.xxx.xxx:143,127.0.0.1:143
But I cannot specify IMAP_TLS_REQUIRED on an per IP basis.
So, I'm planning on doing it like this:
relevant entries in /courier/etc/imapd
ADDRESS=xxx.xxx.xxx.xxx
PORT=143
relevant entries in /courier/etc/imapd-ssl
SSLADDRESS=xxx.xxx.xxx.xxx
SSLPORT=993
IMAP_TLS_REQUIRED=1
make a new /courier/etc/imapd-webmail that is a copy of
/courier/etc/imapd with the following relevant changes:
ADDRESS=127.0.0.1
PORT=143
MAXDAEMONS=40
MAXPERIP=40
PIDFILE=/courier/var/tmp/imapd-webmail.pid
(!!! IMPORTANT!!!) I don't know how the local webmail worked until
now with MAXPERIP set to 4 before :-)
make a new /courier/sbin/imapd-webmail that is a copy of
/courier/sbin/imapd with the following content:
#! /bin/sh
# $Id: imapd.rc.in,v 1.16 2002/12/24 02:35:50 mrsam Exp $
#
# Copyright 1998 - 1999 Double Precision, Inc.
# See COPYING for distribution information.
prefix=/courier
exec_prefix=/courier
sbindir=${exec_prefix}/sbin
. ${prefix}/etc/imapd-webmail
case $1 in
start)
LIBAUTHMODULES=
for f in `echo $AUTHMODULES`
do
LIBAUTHMODULES=$LIBAUTHMODULES
${exec_prefix}/libexec/authlib/$f
done
ulimit -v $IMAP_ULIMITD
/usr/bin/env - /bin/sh -c set -a ; \
prefix=/courier ; \
exec_prefix=/courier ; \
sbindir=${exec_prefix}/sbin ; \
bindir=/courier/bin ; \
. ${prefix}/etc/imapd-webmail ; \
IMAP_STARTTLS=NO ; export IMAP_STARTTLS ; \
${exec_prefix}/sbin/couriertcpd -address=$ADDRESS \
-stderrlogger=${exec_prefix}/sbin/courierlogge
r \
-stderrloggername=imapd-webmail \
-maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP \
-pid=$PIDFILE $TCPDOPTS \
$PORT ${exec_prefix}/libexec/courier/imaplogin
$LIBAUTHMODULES \
/courier/bin/imapd Maildir
;;
stop)
${exec_prefix}/sbin/couriertcpd -pid=$PIDFILE -stop
;;
restart)
${exec_prefix}/sbin/couriertcpd -pid=$PIDFILE -restart
;;
esac
exit 0
As an aside, why doesnt the /courier/sbin/imapd-ssl have a the
following?
restart)
${exec_prefix}/sbin/couriertcpd -pid=$PIDFILE -restart
;;
Well. This is my idea. Do you see any problem with this? Is it safe to
run multiple instances of imapd? I suppose so, because there are
already two of them runnig (ssl and non ssl). Three won't hurt, right?
Best regards and sorry for the long email.
Miguel Cabeça
---
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
___
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] Running three instances of imapd
Jeff, By local webmail I mean: the webmail server is the same as the mail server. No, I'm not talking about sqwebmail. I use Horde/Imp that makes imap connections to localhost (127.0.0.1). Those connections don't need to be encrypted. The webmail is accessed via https only. Thanks Miguel Cabeça - Original Message - From: Jeff Jansen [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, October 09, 2003 2:54 PM Subject: Re: [courier-users] Running three instances of imapd On Thursday 09 October 2003 12:33, Miguel Cabeça wrote: o imapd running on port 127.0.0.1 port 143 wich accepts nonsecure connections (local webmail) Just to clarify - by local webmail do you mean courier's sqwebmail? Because it doesn't use imap, it reads the files directly off the disk. So you don't need an imap connection for it. But if you plan on using an actual imap based webmail like Squirrelmail, etc. then you would. (Someone stop me if I'm way off base here!) Jeff Jansen --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] POP-SSL some Mails are doubled
Markus, This is probably a problem caused by Outlook. I had the same problem some time ago. http://support.microsoft.com/?kbid=317945 Your users will need to install Ofice service pack 2. Regards Miguel - Original Message - From: Markus Schabel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, October 06, 2003 11:22 AM Subject: [courier-users] POP-SSL some Mails are doubled Hello! We have a setup with imap, pop, imap-ssl and pop-ssl running. In IMAP there are no problems (with and without ssl), POP works also fine, but with POP-SSL user's report to get mails more than one time (e.g. 2-3 times). Any idea what could cause this problem? regards Markus --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Distiguishing pop3d from pop3d-ssl connections in the logs
Hello all, I want to know who is using SSL to connect to my mail server. I could easily do this by just looking at the logs and grep'ing for pop3d-ssl connections. But this only shows the connections made to the 995 port. The conections on the 110 port using STLS command appear as normal pop3d conections. How can I solve my problem? Best regards Miguel Cabeça --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ___ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
