From owner-freebsd-questions@FreeBSD.ORG Sun Jul 27 15:57:11 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6716C37B404 for ; Sun, 27 Jul 2003 15:57:11 -0700 (PDT) Received: from zoot.lafn.org (zoot.lafn.ORG [206.117.18.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C53643F3F for ; Sun, 27 Jul 2003 15:57:10 -0700 (PDT) (envelope-from bc979@lafn.org) Received: from lafn.org (host-66-81-24-225.rev.o1.com [66.81.24.225]) by zoot.lafn.org (8.12.3p2/8.12.3) with ESMTP id h6RMv7nV068917; Sun, 27 Jul 2003 15:57:07 -0700 (PDT) (envelope-from bc979@lafn.org) Date: Sun, 27 Jul 2003 15:57:05 -0700 Content-Type: text/plain; charset=WINDOWS-1252; format=flowed Mime-Version: 1.0 (Apple Message framework v552) To: Matt Staroscik From: Doug Hardie In-Reply-To: <5.2.0.9.2.20030727130106.02a0faf0@mail.speakeasy.net> Message-Id: Content-Transfer-Encoding: quoted-printable X-Mailer: Apple Mail (2.552) cc: freebsd-questions@freebsd.org Subject: Re: qpopper pop3 and SSL experiences X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jul 2003 22:57:11 -0000 I am using qpopper 4.0.3 for an ISP and it works fine for all the=20 various SSL mail clients. Configuration may be a bit difficult for the=20= client as some of them use the interim SSL mail port and some use the=20 standard POP3 port. I have to run 2 separate POP servers with=20 different ports to handle them. Likewise the users have to try the 2=20 different client configurations to see which one works for their=20 specific client. Eudora on the Mac was simple. I have tested it on=20 the PC also and I have a large number of users using it. The two=20 config files I use are: set bulldir=3D"/var/bulletins" set reverse-lookup=3Dfalse set home-dir-mail=3D".mail" reset keep-temp-drop set fast-update reset check-old-spool-loc set tls-support=3Dstls set tls-private-key-file=3D/www/certs/mail.key.pem set tls-server-cert-file=3D/www/certs/mail.cert.pem set trim-domain=3Dtrue set bulldir=3D"/var/bulletins" set reverse-lookup=3Dfalse set home-dir-mail=3D".mail" reset keep-temp-drop set fast-update reset check-old-spool-loc set tls-support=3Dalternate-port set tls-private-key-file=3D/www/certs/mail.key.pem set tls-server-cert-file=3D/www/certs/mail.cert.pem set trim-domain=3Dtrue Here are the instructions we provide our users for Eudora: Some e-mail clients do support RFC 2595 and they work differently. =20 They use port 110 which is the standard POP3 port. Here are the=20 configuration instructions for Eudora 5.1: =95 Go to Tools, Options and then select the icon for Checking Mail. =95 Set the Secure Sockets when Receiving to "If Available, = STARTTLS". =95 Then select OK and download mail. It will fail with a = certificate=20 problem. =95 Go back to Tools, Options, Checking Mail and select the button = "Last=20 SSL Info". =95 That will display the LAFN certificate. =95 Select the Certificate Information Manager button just above the = OK=20 button. =95 That displays a different view of the certificate. =95 Press the "Add To Trusted" button. =95 Then press Done, OK etc. back out. =95 Then download mail again and it should work. On Sunday, Jul 27, 2003, at 13:09 US/Pacific, Matt Staroscik wrote: > > To make a long story short, I have been unable to get qpopper 4.0.5 +=20= > SSL to work with Eudora 5.2.1. Using my self-signed cert I can get a=20= > secure connection to Apple's OS X mail client, but not Mac or Windows=20= > Eudora. On the Mac I see handshake errors, on Windows I get errors=20 > which I may be able to get around but without Mac support it isn't=20 > worth it. > > =46rom Googling I have learned that there are many others having = issues=20 > with qpopper, Eudora and SSL but I haven't found a workaround. > > Has anyone found a pop3 daemon with SSL support that works with a wide=20= > variety of email clients? Oh, FWIW my MTA is Exim and I should be able=20= > to switch to maildir instad of /var/ mail storage easily enough, if=20 > required, as the system is not in production yet. > > Thanks! > > Cheers, > Matt > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to=20 > "freebsd-questions-unsubscribe@freebsd.org" > > -- Doug