Jason Straight wrote:
>
> It seems ipop3d won't allow me to login. On further inspection the xinetd
> startups for both pop3s and ipop3d are exactly the same. pop3s is supposed to
> be the secure mode one, I am guessing that what's going on here is that
> ipop3d is trying to use ssl when in fact I don't want to.
>
Not exactly the same binary support both services, SSL and not SSL. Maybe we
can create link binaries for ipop3s and imapds, so that different entries
could be used in /etc/hosts.allow. Chmouel what do you think?
The fact that it isn't working is due to problem with latest pam 0.74, we
are still investigating on, in fact if in /etc/pam.d/pop3|imap you place
auth required pam_unix.so
account required pam_unix.so
password required pam_deny.so
session required pam_unix.so
which is not the right entry, imap/pop3 is working correctly either in SSL or non SSL
mode.
Note also that to get native SSL support with either pop3s and imaps you need to place
a valid SSL certificate (see openssl doc for how to build it) into
/usr/share/ssl/certs/imapd.pem
and /usr/share/ssl/certs/ipop3d.pem.
Regarding clients for SSL support currently on Linux there is only netscape
that supports IMAPs natively. KMail had SSL POP3 support in KDE 2.0, but
now in KDE 2.1 I no longer see the checkflag in KMail for POP3 SSL support.
Alternative for Linux clients is to use stunnel. In Windows instead latest
Eudora beta 5.1.0.X and OutLook 5 supports both imap and pop3 SSL natively.
bye.
Giuseppe