From owner-freebsd-questions@FreeBSD.ORG  Tue Jun  3 16:13:35 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8F7FD37B401
	for <freebsd-questions@freebsd.org>;
	Tue,  3 Jun 2003 16:13:35 -0700 (PDT)
Received: from pop017.verizon.net (pop017pub.verizon.net [206.46.170.210])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9D5AE43F3F
	for <freebsd-questions@freebsd.org>;
	Tue,  3 Jun 2003 16:13:34 -0700 (PDT)	(envelope-from cswiger@mac.com)
Received: from mac.com ([129.44.60.214]) by pop017.verizon.net
          (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP
          id <20030603231334.LLAJ27254.pop017.verizon.net@mac.com>;
          Tue, 3 Jun 2003 18:13:34 -0500
Message-ID: <3EDD2B9D.1040409@mac.com>
Date: Tue, 03 Jun 2003 19:13:33 -0400
From: Chuck Swiger <cswiger@mac.com>
Organization: The Courts of Chaos
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.4b) Gecko/20030507
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <20030603210515.M35572@enabled.com>
	<AB5043AA-960A-11D7-8522-003065ABFD92@mac.com>
	<20030603221436.M55167@enabled.com>
In-Reply-To: <20030603221436.M55167@enabled.com>
X-Enigmail-Version: 0.75.0.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Authentication-Info: Submitted using SMTP AUTH at pop017.verizon.net from
	[129.44.60.214] at Tue, 3 Jun 2003 18:13:33 -0500
cc: admin <admin2@enabled.com>
Subject: Re: secure SMTP and cygnus-sasl handling
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jun 2003 23:13:35 -0000

admin wrote:
>> Sendmail will do STARTTLS if both sides support it, and you can even 
>> configure things to not permit plain text authentication (AUTH LOGIN)
>> unless TLS/SSL has been negotiated.
>
> is there a way to do something similar with POP so it does not handle non-SSL
> negotiated sessions?

I'm not sure about POP, but yes for IMAP; see /usr/ports/mail/imap-uw, which 
does include a POP3 server as well.

[ ...and in another email... ]
 >> Sendmail will do STARTTLS if both sides support it, and you can even
 >> configure things to not permit plain text authentication (AUTH LOGIN)
 >> unless TLS/SSL has been negotiated.
 >
 > this is the answer.  can you point me to someplace on how to do this?

http://www.sendmail.org/~ca/email/auth.html
http://www.sendmail.org/~ca/email/starttls.html

-Chuck