Re: Qpopper & SSL TLS problem
Clifton Royston wrote: On Fri, Apr 29, 2005 at 11:25:51AM +0200, Dominik Epple wrote: BSD <[EMAIL PROTECTED]> writes: Do you know any other POP server that supports SSL / TLS ? University of Washington IMAP Daemon comes with a pop daemon that supports SSL. There are certainly others, but this one I use myself. Courier-IMAP does (despite the name, it's both IMAP and POP) but it requires maildir format. I would chime my own favorite, the dovecot, and the reason why, because it's so simple to configure tha even I can do it. -- Clifton ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Qpopper & SSL TLS problem
On Fri, Apr 29, 2005 at 11:25:51AM +0200, Dominik Epple wrote: > BSD <[EMAIL PROTECTED]> writes: > > Do you know any other POP server that supports SSL / TLS ? > > University of Washington IMAP Daemon comes with a pop daemon that > supports SSL. There are certainly others, but this one I use myself. Courier-IMAP does (despite the name, it's both IMAP and POP) but it requires maildir format. -- Clifton -- Clifton Royston -- [EMAIL PROTECTED] Tiki Technologies Lead Programmer/Software Architect "I'm gonna tell my son to grow up pretty as the grass is green And whip-smart as the English Channel's wide..." -- 'Whip-Smart', Liz Phair ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Qpopper & SSL TLS problem
BSD <[EMAIL PROTECTED]> writes: > Do you know any other POP server that supports SSL / TLS ? University of Washington IMAP Daemon comes with a pop daemon that supports SSL. There are certainly others, but this one I use myself. Besides that, you can make every pop daemon use SSL using stunnel. http://www.freebsddiary.org/stunnel.php Enjoy, Dominik. -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Qpopper & SSL TLS problem
Le 27 avr. 05, à 14:53, Lowell Gilbert a écrit : Any idea ?? Do you know any other POP server that supports SSL / TLS ? If it's hanging during the *transmission* of mail, then that would be a problem with your MTA (sendmail?), not qpopper, right? What are the actual symptoms of this hang? Messages start to be delivered and then things are hanging and disconnected on the client. Server reports : Apr 27 11:44:23 newmail qpopper[20829]: (v4.0.5) TLSv1/SSLv3 handshake with client at IP_ADDR (IP_ADDR); new session-id; cipher: RC4-SHA (RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1), 128 bits Apr 27 11:44:23 newmail qpopper[20829]: (null) at IP_ADDR (IP_ADDR): -ERR POP EOF or I/O Error Apr 27 11:44:23 newmail qpopper[20829]: (v4.0.5) Timing for @IP_ADDR (error) auth=0 init=0 clean=0 On the Qpopper website they are stating on the FAQ: I see errors such as POP EOF, SIGHUP or SIGPIPE flagged, or POP hangup. Generally, this is because a client has disconnected without sending QUIT. This can be the result of telephone modem problems, which are more likely to occur when downloading large messages. It could also be caused by too-small timeout values in some clients. If you are using Qpopper 4.0 or later and your network is very congested, the aggregating of small packets into one large one can acerbate the situation. In this case you can use the --enable-chunky-writes=1 flag with ./configure, or use set chunky-writes = tls in a configuration file. My network is not congested. I don't use a phoneline, I have enabled the option "set chunky-writes = tls" as I am using TLS… What does the error message POP EOF or I/O error mean? EOF or I/O error almost always means EOF. That is, the network connection with the client dropped unexpectedly. At the point where this message is issued, Qpopper no longer knows if it was an EOF or an actual I/O error, and so it reports the error number just in case it really is an I/O error (which it almost never is). When it is just an EOF, the associated error is meaningless. Where do you think this is coming from ? __ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯ Gregober ---> PGP ID --> 0x1BA3C2FD bsd @at@ todoo.biz __ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Qpopper & SSL TLS problem
BSD <[EMAIL PROTECTED]> writes: > Hello, > > I have a weired problem with Qpopper & FBSD 5.3. > > I am using the latest version compiled using the port tree. with one > or two options : > > CONFIGURE_ARGS= --enable-nonauth-file=${POPUSERS_FILE} \ > --without-gdbm \ > --enable-keep-temp-drop \ > --disable-update-abort \ > --enable-bulletins=/var/spool/bulls \ > --enable-log-login \ > --enable-new-bulls=3 \ > --enable-shy \ > --enable-timing \ > --enable-log-facility=LOG_MAIL \ > --with-openssl=/usr/bin/openssl \ > --with-pam=pop3 > > I am also using this compile time option : > > bsd# make WITHOUT_IPV6=yes WITHOUT_APOP=yes > bsd# make install WITHOUT_APOP=yes > bsd# make clean > > I was using this program since couple of months without any problem. > > But since couple of weeks, I have weired problems with my maling list > account. > > I have configured four accounts : > > - Three are ok (the one on which I receive a small amount of large mail) > - One is causing serious problem (hanging during the transmission of > my mail). This account is used for my mailing list, so I have a lot of > small size mail. > > Any idea ?? > > Do you know any other POP server that supports SSL / TLS ? If it's hanging during the *transmission* of mail, then that would be a problem with your MTA (sendmail?), not qpopper, right? What are the actual symptoms of this hang? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Qpopper & SSL
* Filmbetyg - Pelle Andersson <[EMAIL PROTECTED]> [2004-03-06 15:04]: > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html#CURRENT > > > - Original Message - > From: "Joshua Lokken" <[EMAIL PROTECTED]> > To: "Pelle Andersson (SPD Systems AB)" <[EMAIL PROTECTED]> > Sent: Saturday, March 06, 2004 3:19 PM > Subject: Re: Qpopper & SSL > > > > * Pelle Andersson (SPD Systems AB) <[EMAIL PROTECTED]> [2004-03-05 20:43]: > > > Hi! > > > > > > Want to get Qpopper to work with SSL on a FreeBSD 4.9. > > > > > > I'm using: > > > FreeBSD 4.9 CURRENT-p3 > > > > > > > What is FreeBSD 4.9 CURRENT? It seems to go against the > > understanding I have about the development branches... > > Can anyone enlighten me on this? > > OK. My understanding was that the development branch of the 4.x line was called STABLE, and the development branch of 5.x was called CURRENT...hmm. Time to check the archives... -- Joshua ... The prejudices people feel about each other disappear when then get to know each other. -- Kirk, "Elaan of Troyius", stardate 4372.5 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Qpopper & SSL
> I have followed the instruction at various sites about how this > should be done including eudora.com/qpopper. I have also followed > alot of instructions on how to make a cert-file (cert.pem) from > a .key and .crt file. That includes openssh.org. I cannot get it > to work anyway. --> I must be missing something?!? <-- > > I am reciving the errors below in my log files. > > Mar 5 13:00:33 frodo qpopper[390]: Error setting private key PEM file > /usr/local/etc/qpopper/cert.pem > Mar 5 13:00:33 frodo qpopper[390]: ...SSL error: error:0906D06C:PEM > routines:PEM_read_bio:no start line > Mar 5 13:00:33 frodo qpopper[390]: ...SSL error: error:140B0009:SSL > routines:SSL_CTX_use_PrivateKey_file:PEM lib > Mar 5 13:00:33 frodo qpopper[390]: Failed initializing TLS/SSL The error indicates that Qpopper (OpenSSL actually) is having problems reading the private key. Since you are using one file to hold both the private key and the certificate you need to be sure it's formatted correctly *and* the private key isn't encrypted with a password (when you generated the certifiate request, you did so without a password...). cert.pem shold look like.. -BEGIN RSA PRIVATE KEY- MIICXgIBAAKB ... -END RSA PRIVATE KEY- Certificate: Data: Version: 3 (0x2) ... d1:81 -BEGIN CERTIFICATE- MIIEATCCA2qgAwIBAgIBCjANBgkqhkiG9... ... SNSweeFHTZfpnGjjSp9lb258gtGB -END CERTIFICATE- You may have mutiple certificate sections. The Certificate: section is only really for looks and isn't parsed. It's the BEGIN RSA PRIVATE KEY section that is important, or at least the part that is causing this error. -lee ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"