OT: what POP server code do you use?

Tue Jan 4 21:19:39 GMT 2005

Jeff A. Earickson wrote:

> Gang,
>
> We have been using Qualcomm's qpopper here for ages.  I'm trying to
> get TLS/SSL working with it and the documentation is weak.  I'm just
> wondering what others use for open-source POP servers out there.
> Suggestions for good secure documented code, please...
>
> Jeff Earickson
> Colby College
>

Jeff,

What problems are you having?  We have had qpopper with TLS/SSL working
on a lab machine for quite a while.

Looks like we built it passing "--with-openssl" to ./configure.

 From /etc/inetd.conf (watch the line wrap):

#
# Pop and imap mail services et al
#
pop-3   stream  tcp     nowait  root    /usr/sbin/tcpd  in.qpopper -R -f
/etc/mail/qpopper-110.config
spop3   stream  tcp     nowait  root    /usr/sbin/tcpd  in.qpopper -R -f
/etc/mail/qpopper-995.config

And stuck some configuration files in /etc/mail:

more /etc/mail/qpopper-*
::::::::::::::
qpopper-110.config
::::::::::::::
set tls-support = stls
set config-file = /etc/mail/qpopper-tls.config
::::::::::::::
qpopper-995.config
::::::::::::::
set tls-support = alternate-port
set config-file = /etc/mail/qpopper-tls.config
::::::::::::::
qpopper-tls.config
::::::::::::::
set tls-server-cert-file = /home/sites/home/certs/certificate
set tls-private-key-file = /home/sites/home/certs/key

The certificate and key are commercial.  As far as I remember, we did
not try self-signed certs.

This set-up lets you do secure POP over port 995, or have the mail
client request TLS on the standard POP port, 110.  Both ports use the
same certificate.

Regards,

        Richard Siddall

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!