[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Enabling SSL for IMAP and POP3



The port for the SSL (465 and 993) seem to be a little off standard.
With both Outlook and Eudora you can set the ports by just filling in the
blank.

Netscape (as far as I have found) does not allow this, it wants the SSL
tunnel
on the same (25 and 143) ports, and with the SSL wrapper re-direction this
does
not work well, because then the non-SSL clients (like other mail servers)
cannot
connect to the non-SSL 25, just causes a big mess.

I have tried to setup Netscape using its configuration file, basically if
you can figure
out how to set the SSL IMAP and SSL SMTP ports on netscape to the 465 and
993
then Netscape would work.

In all honesty I have to say I fought moving from Netscape Messanger to
Outlook Express,
big bad Microsoft Train, but it actually works really well with a IMAP
client and even supports
custom (non-CA signed) certs for email encryption, something that Netscape
hated. This allows
us to also create our own signed (with us being the CA) certs and then
creating user certificates
and signing them ourselves (don't have to pay the man this way, we have full
control also security
wise on the storage and delivery of our Root CA cert, also we can specify
the Key size - like 4096
for the master and 2048 for the users).

Just my two cents..

Regards,
Steven Hildreth
Information Technology Manager
Aprotex Corporation, http://www.aprotex.com
"Proven Property Protection Since 1952"

----- Original Message -----
From: "Bret Hughes" <bhughes elevating com>
To: <redhat-list redhat com>
Sent: Monday, May 08, 2000 5:35 PM
Subject: Re: Enabling SSL for IMAP and POP3


> What do you have to do to use netscape as a client and why does it not
work
> great with it.  I've been thinking pretty hard about letting our email be
> exposed to the net through our DSL link but haven't really convinced
myself I
> can do it safely.  I use ssh and forward a connection to the imap server
> through the firewal that will only accept the keys and  passphrase  but my
> patner thinks that is too complicated to do so he leaves his mail on the
ISP
> server too.
>
> Very interested in your reply when/if you have the time.
>
> Bret
>
> Steven Hildreth wrote:
>
> > Ok not a problem -
> >
> > below  is the /etc/services file, stuff regarding
> > the stuff you need (just append this to your file in not already there):
> >
> > ----------------------------------------
> > # /etc/services:
> > # $Id: services,v 1.4 2000/01/23 21:03:36 notting Exp $
> >
> > smtp 25/tcp mail
> >
> > imap2 143/tcp imap
> > imap2 143/udp imap
> >
> > # Services added for the Debian GNU/Linux distribution
> >
> > ssmtp 465/tcp # SMTP over SSL
> > simap 993/tcp # IMAP over SSL
> > --------------------------------------
> >
> > below is the /etc/inet.conf file, again just the stuff you asked about
> >
> > -----------------
> > imap    stream  tcp     nowait  root    /usr/sbin/tcpd imapd
> >
> > #This is a ssl implementation that works great with Outlook Express and
> > Eudora, not netscape
> > simap stream tcp nowait root /usr/sbin/tcpd /usr/bin/sslwrap -cert
> > /usr/local/ssl/certs/server.pem -port 143
> > ssmtp stream tcp nowait root /usr/sbin/tcpd /usr/bin/sslwrap -cert
> > /usr/local/ssl/certs/server.pem -port 25
> >
> > --------------------------
> >
> > HTH,
> >
> > Regards,
> > Steven Hildreth
> > Information Technology Manager
> > Aprotex Corporation, http://www.aprotex.com
> > "Proven Property Protection Since 1952"
> >
> > ----- Original Message -----
> > From: "Zoki" <zoki magic fr>
> > To: <redhat-list redhat com>
> > Sent: Monday, May 08, 2000 3:40 PM
> > Subject: Re: Enabling SSL for IMAP and POP3
> >
> > > On Mon, 8 May 2000, Steven Hildreth wrote:
> > >
> > > ->I use SSL for my IMAP and SMTP clients using Outlook Express, here
is
> > how I
> > > ->did it (not saying the best way but it works reliably)..
> > > ->
> > >  <snip>
> > >
> > > ->If you would like I can send you a copy of my /etc/inetd.conf  and
> > > ->/etc/services config files.
> > >
> > >
> > > *** Please do!
> > >
> > > Cheers!
> > >    _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/
> > >   _/ Zoran GRBIC       _/  Linux advocate   _/
> > >  _/ UNIX Sys Analyst  _/  Micro$oft clean  _/
> > > _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/
> > > Mailed with Linux & Pine...
> > >
> > >
> > > --
> > > To unsubscribe: mail redhat-list-request redhat com with "unsubscribe"
> > > as the Subject.
> > >
> >
> > --
> > To unsubscribe: mail redhat-list-request redhat com with "unsubscribe"
> > as the Subject.
>
>
> --
> To unsubscribe: mail redhat-list-request redhat com with "unsubscribe"
> as the Subject.
>



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]