On Wed, Sep 29, 1999 at 09:44:28AM -0400, Michael H. Warfield wrote:
> On Wed, Sep 29, 1999 at 12:25:27PM +0530, Dr. S.K. Singh wrote:
> > Hi all,
>
> > My Redhat 6.0 is not transmitting any mail to Win boxes vai POP3. While
> > receiving/sending it says Secure Port 25 (SSL)/ secure port 110(SSL). I
> > have put local IPs of all this boxes in /etc/mail/access file. What else
> > is required. Any suggestion Please
> > Thanks.
>
> Huh???
A clear hallmark that responder hasn't been tracking what IETF has
done to several protocols over the last year after the early days of
"run protocol X within a SSL stream on port Y" days -- it needs so
many extra ports...
> Secure pop3 (pop3s) is suppose to be on port 995, not port 110.
> Secure imap (imaps) is port 993. Secure smtp no longer exists. These
> are assigned by IANA and it's those ports that Outlook and Netscape are
> suppose to try and contact for receiving SSL encrypted traffic, they
> shouldn't even try the non-encrypted ports (110 for pop3 and 143 for imap)
> if you specified a secure connection. Why it would say "Secure Port 25
> (SSL)/ secure port 110(SSL)", is beyond me. Those port numbers are
> just wrong for SSL.
Standards are in RFC numbers:
2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman.
January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD)
2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
(Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
From where you can get POP/IMAP servers implementing these commands,
those I can't point to you right now -- perhaps Freshmeat has some ?
SMTP-servers equipped with STARTTLS capability include:
- Commercial servers:
- MS Exchange 5.5
- Innosoft PMDF 5.2
- Netscape Messenger
- Sourceware:
- QMAIL (with patches, also smtp client)
- PostFix (with patches, also smtp client)
- ZMailer (standard source version, smtp server only so far)
propably somebody has made patches to sendmail also..
....
> There are a bunch of other assignments for vaious protocols
> encrypted by SSL. They are not generally on the same ports as the
> unencrypted protocols. The various proxies and wrappers can handle
> most of them (possible exception of ftps - use the SSL enabled versions
> of ftp client and server) just fine.
Yes, a few protocols can't be wrapped with preceding
'STARTTLS' action verb (or its equivalent.)
One of the more important ones is HTTP+SSL -> HTTPS.
(HTTP 1.0 isn't interactive in same sense as SMTP, POP, etc. are)
FTP should be wrappable with STLS verb, although encrypting
the data channel is another story...
> > Dr. S. K. Singh,
> > Agril. Res. Services. Scientist (AG&B) and I/C ARIS Cell,
> > CIRG, Makhdoom, Farah, Mathura
> > 281122, India. Ph. 91-565-7-63334(R)
>
> Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
/Matti Aarnio
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
