Aha! found the problem. Layer5 encryption in SSL is NOT APOP. so I removed bobo, my test user, from the APOP database and tried again.... And Voilla! it works :-)
Thanks! On Mon, 1 Sep 2003, Miki Shapiro wrote: > Okay, this is something I spent all last night trying to work. > > I did everything as it says here (build openssl, build qpopper with > relevant configure options, opened my own cert authority, generated a > certifiacte, add it to the cert.pem file, etc. > > When I log in using OE, OE says "securing", gives me the message that my > CA is not trusted, I accept, then it says "authenticating..." and > fails miserably, and qpopper says: > > Sep 1 12:45:56 pharoe qpopper[85775]: bobo at 127.0.0.1 (127.0.0.1): -ERR > [AUTH] You must use stronger authentication such as AUTH or APOP to > connect to this server > Sep 1 12:45:56 pharoe qpopper[85775]: I/O Error > Sep 1 12:45:56 pharoe qpopper[85775]: bobo at 127.0.0.1 (127.0.0.1): -ERR > POP EOF or I/O Error > > (on OE6, "Log on using Secure Password Authentication" is not checked, > "This server requires a secure connection (SSL)" is checked. > > If I check the former in, I get the same error minus the first line (the > one that points out it wants either APOP or AUTH authentication). > > Ideas? Help? > > On Mon, 1 Sep 2003, Boaz Rymland wrote: > > > I've invistaged this not long ago. AFAIK, APOP is a good method to get > > privacy as far as POP3 comm is concerned, but APOP is supported by too > > little mail clients, mostly Eudora email client (the same company that > > produces/finances... QPopper). AFAIK, unforutnately, NO APOP support in > > outlook :-( (why add support when we monopolize the market???). > > > > I'm using qpopper + SSL. See the following guides/information pages: > > > > http://www.networkcomputing.com/1018/1018ws2.html (OLD, but informative) > > http://slowest.net/docs/howtos/mail/qpopper-ssl.html (QPopper + SSL > > "tutorial" guide) > > > > all in all - it works for me like a charm with the winblows clients > > outlook, outlook express. See in their configuration windows the palce > > to set the POP server to use SSL (a check box). > > > > good luck, > > Boaz. > > > > Miki Shapiro wrote: > > > > >1. I have a ~20 user pop3 mail system. I don't want passwords out in the > > >open. I run qpopper 4, which supports APOP, and AFAIK does not support > > >SPA. > > > > > >2. My users use Outlook or OE. said clients support SPA, and do not > > >support APOP. Yes, I am aware SPA is not the most secure thing in the > > >world, and that it's NT LM 1.0-based, but I can't change the clients. > > > > > >Suggestions? (qpopper modules? alternate secure & worthwhile pop3 > > >servers?) > > > > > >Thanks! > > > > > >Miki > > > > > > > > >================================================================= > > >To unsubscribe, send mail to [EMAIL PROTECTED] with > > >the word "unsubscribe" in the message body, e.g., run the command > > >echo unsubscribe | mail [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > ================================================================= > > To unsubscribe, send mail to [EMAIL PROTECTED] with > > the word "unsubscribe" in the message body, e.g., run the command > > echo unsubscribe | mail [EMAIL PROTECTED] > > > > > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > > ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
