On Wed, Sep 29, 1999 at 12:25:27PM +0530, Dr. S.K. Singh wrote:
> Hi all,
> My Redhat 6.0 is not transmitting any mail to Win boxes vai POP3. While
> receiving/sending it says Secure Port 25 (SSL)/ secure port 110(SSL). I
> have put local IPs of all this boxes in /etc/mail/access file. What else
> is required. Any suggestion Please
> Thanks.
Huh???
Secure pop3 (pop3s) is suppose to be on port 995, not port 110.
Secure imap (imaps) is port 993. Secure smtp no longer exists. These
are assigned by IANA and it's those ports that Outlook and Netscape are
suppose to try and contact for receiving SSL encrypted traffic, they
shouldn't even try the non-encrypted ports (110 for pop3 and 143 for imap)
if you specified a secure connection. Why it would say "Secure Port 25
(SSL)/ secure port 110(SSL)", is beyond me. Those port numbers are
just wrong for SSL.
How have you got SSL set up on RedHat 6.0? Are you using edssl,
stunnel, sslwrapper, sslproxy, some other ssl "wrapper/proxy", or some
special ssl-enabled server? I use an SSL proxy out of /etc/inetd.conf
and it works like a charm. It's most definitely NOT and "out of the box"
server though, and you have to have a server certificate setup with the
proper names and certification. If you don't have your certificate signed
by a service like Thawte or Verisign, you have to have your users manually
accept the certificate the first time they connect in. Outside of that,
self signed certificates work just fine (and are relatively simple to
generate).
There are a bunch of other assignments for vaious protocols
encrypted by SSL. They are not generally on the same ports as the
unencrypted protocols. The various proxies and wrappers can handle
most of them (possible exception of ftps - use the SSL enabled versions
of ftp client and server) just fine.
IANA assigned port numbers can be found at:
http://www.isi.edu/in-notes/iana/assignments/port-numbers
"Secure SMTP" (smtps) was assigned out by IANA to a port at one
time, but I understand that they realized the silliness of the whole idea
and rescinded the allocation. It use to still be listed in the IANA
port-numbers file, but it seems they have even removed it from that file.
What makes that strange is that other deprecated ports and assignments
remain in the file as placeholders. For instance, port 585 use to be
used for imap4-ssl. Its use is not recommended and port 993 is recommended
instead. It remains in the port-numbers file to prevent reassignment of
that port and to make the recommendation to switch to 993.
=OR=
Funny thought... I just realized that you never said that you
wanted to be using SSL encrypted services, only that the client message
indicated secure services on the non-secure ports. Do you want to be
using SSL secured connections or did you intend to use unencrypted connections
in the first place? If you hadn't intended to use SSL, disable the "Secure
Connection" (I think that's what Netscape calls it) option on the server
preferences tab.
> *~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
> Dr. S. K. Singh,
> Agril. Res. Services. Scientist (AG&B) and I/C ARIS Cell,
> CIRG, Makhdoom, Farah, Mathura
> 281122, India. Ph. 91-565-7-63334(R)
> 63246 (Fax), 63325 (O)
> *_*_*_*_*_*_*_*_*_*_*_*_*_*_*_*_*_*_*_*_*_*_*
Mike
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
