At 02:03 PM 10/2/01, Randall Gellens wrote: >At 11:17 PM -0700 10/1/01, Leonard C. wrote: > >> >> I'm trying to get qpopper's TLS set up so that clients can check their mail >> over a SSL tunnel. Unfortunately, only Eudora clients currently work at >> this >> time. When Outlook's enable SSL box is checked, Outlook reports the server >> suddenly reset the TCP connection and qpopper reports: >> >> Sep 27 12:28:00.751 2001 [6091] Set tls-support to STLS (2) >> Sep 27 12:28:00.751 2001 >> Sep 27 12:28:00.754 2001 [6091] Set tls-server-cert-file to >> "/usr/local/etc/qpopper/certs/cert.pem" >> Sep 27 12:28:00.754 2001 >> Sep 27 12:28:00.821 2001 [6091] (null) at xxx (xx.xx.xx.xx): -ERR POP >> EOF or >> I/O Error > >My guess is that Outlook (or at least your version of it) doesn't support >STLS.
From my testing, I can confirm that Outlook does a terrible job of implementing STLS. For POP, they seem not to do it at all, and for SMTP, they only understand STLS if you've got the SMTP Port set to 25. If you try to set to 587 (Submission), they fail to handle STLS. Wierd... > That's unfortunate, but you can get around it. You'll need to have two > instances of Qpopper, one on the normal POP3 port which supports STLS (as > you've already done), and one of the SPOP3 port that supports > alternate-port SSL. The Administrative Guide tells how to do this with > three configuration files (to avoid duplicating the common stuff). This is how I've set up my world... two entries for popper in inetd.conf (or equivalent), and two config files. Works fine. I haven't found a good solution for Sendmail/Outlook TLS interaction, other than using stunnel to light another unused port. ----------------------------------------------------------------- Daniel Senie [EMAIL PROTECTED] Amaranth Networks Inc. http://www.amaranth.com
