From owner-freebsd-security Fri Nov 10 1: 6:42 2000 Delivered-To: freebsd-security@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id 5993037B479 for ; Fri, 10 Nov 2000 01:06:40 -0800 (PST) Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Fri, 10 Nov 2000 01:05:13 -0800 Received: (from cjc@localhost) by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id eAA96a796439; Fri, 10 Nov 2000 01:06:36 -0800 (PST) (envelope-from cjc) Date: Fri, 10 Nov 2000 01:06:35 -0800 From: "Crist J . Clark" To: "Angelo a.k.a shagy" Cc: freebsd-security@FreeBSD.ORG Subject: Re: stunnel, outlook express and qpopper Message-ID: <20001110010635.Z75251@149.211.6.64.reflexcom.com> Reply-To: cjclark@alum.mit.edu References: <20001110085526.19657.qmail@web2904.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <20001110085526.19657.qmail@web2904.mail.yahoo.com>; from shagy@rocketmail.com on Fri, Nov 10, 2000 at 12:55:26AM -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Nov 10, 2000 at 12:55:26AM -0800, Angelo a.k.a shagy wrote: > Greetings i'm trying to wrap pop3 with stunnell (ssl) > I'm using FreeBSD 3.4 > stunnel 3.4a (from the ports) > qpopper 3.1 > > I start qpopper with the following options > "qpopper 192.168.5.1:110 -S" > > Then stunnel starts up like so > "stunnel -d pop3s -r 192.168.5.1:pop3" > > When trying to access mail through outlook express I > get the following message. > "The server you are connected to is using a security > certificate that does not match its internet address. > Do you want to continue using this server?" > > I've read that IE and Netscape have a hard coded list > of Certificate Authorities. And you can get this > message if you haven't had your server certificate > signed by a CA such as verisign. Is this an absolute > truth *or* is there a way around this? Or am I just > way off?! > > Any help would be appreciated A self-signed certificate worked fine for me back when I used to run a similar setup (UW-IMAP and POP3, stunnel, and MS OE). How did you make your cert? -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message