From owner-freebsd-questions@FreeBSD.ORG Mon Feb 23 17:29:19 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9DC6E16A4CE for ; Mon, 23 Feb 2004 17:29:19 -0800 (PST) Received: from mail3.panix.com (mail3.panix.com [166.84.1.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6BAFD43D2F for ; Mon, 23 Feb 2004 17:29:19 -0800 (PST) (envelope-from stanb@panix.com) Received: from panix.com (brillig.panix.com [166.84.1.76]) by mail3.panix.com (Postfix) with ESMTP id 8EEBF984A6 for ; Mon, 23 Feb 2004 20:29:16 -0500 (EST) Received: from teddy.fas.com (pcp01010374pcs.mplsnt01.sc.comcast.net [68.58.176.69]) by panix.com (Postfix) with ESMTP id D18E22AA10 for ; Mon, 23 Feb 2004 20:29:15 -0500 (EST) Received: from stan by teddy.fas.com with local (Exim 3.36 #1 (Debian)) id 1AvRNr-0007Dk-00 for ; Mon, 23 Feb 2004 20:29:15 -0500 Date: Mon, 23 Feb 2004 20:29:15 -0500 From: stan To: Free BSD Questions list Message-ID: <20040224012915.GA27408@teddy.fas.com> Mail-Followup-To: Free BSD Questions list References: <20040224003846.GB25902@teddy.fas.com> <20040224010221.GA70587@keyslapper.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040224010221.GA70587@keyslapper.org> X-Editor: gVim X-Operating-System: Debian GNU/Linux X-Kernel-Version: 2.4.23 X-Uptime: 20:19:39 up 8:00, 1 user, load average: 0.00, 0.03, 0.10 User-Agent: Mutt/1.5.4i Sender: Stan Brown Subject: Re: imap question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Feb 2004 01:29:19 -0000 On Mon, Feb 23, 2004 at 08:02:22PM -0500, Louis LeBlanc wrote: > On 02/23/04 07:38 PM, stan sat at the `puter and typed: > > I'm trying to help a firend of mine get an imap server running on one of > > his FreeBSD 4.9 STABLE machines. > > > > We have built the UW imapd port, and installed it. However we seem to be > > habing a bit of a problem making it work. > > > > Tha man page, and the docs (which I only found in the ports work directory > > for some reason, don't they get installed somewhere?) All seem to agree, > > that it shoud "juts work" However in our case it does not :-( > > > > Cruently we are gettin error messages like this in /var/log/mailog: > > > > maillog.0:Feb 22 19:40:26 ops2 imapd[59881]: Unable to load certificate > > from /usr/local/certs/imapd.pem, host=router.XXX.net [192.168.2.1] > > > > As you can see, this box is located on a DMZ, behin an OpenBSD firweall > > (running pf). WE have that box redirecting port 993 to teh FreeBSD box > > running imap. > > > > What am I missing here? > > You can't really accept secure connections without an SSL certificate. > Check the docs to find the details, but you probably want the OpenSSL > docs as well to tell you how to create an SSL key and PEM cert. The > path provided in the error message tells you where the cert is > expected to be. Chances are that if you check the imapd.conf you'll > also see where the key should be placed. Sorry I wasn't clear here. The _is_ a certificate there. Created (I assume by the port build process). However it seesm that since the packes are being redirected _from_ th router (OpenBSD) box, imapd wan'ts the certificate to be _for_ the router box. Any ideas how to fix this? > > Unless you have it configured to block or simply not accept regular > IMAP connections, you might be able to connect on port 143, if you > just redirect that port. Only problem is your connection won't be > secure. And the passwords will be passed in the clear, right? Might as well use POP, correct? Thanks for the help. -- "They that would give up essential liberty for temporary safety deserve neither liberty nor safety." -- Benjamin Franklin