"Brett Randall" [EMAIL PROTECTED] writes:
Ok, here's the deal:
qmail-pop3d is NOT secure, nor are most other standard POP3 daemons. POP
passwords are sent in cleartext and are not encrypted. They can be viewed by
people snooping a connection (although this is not as easy as it sounds). A
qmail Digest 2 Jul 2000 10:00:01 - Issue 1050
Topics (messages 44000 through 44037):
Can't find my log file
44000 by: Lou Hevly
44011 by: Steffan Hoeke
Bounce questions
44001 by: Ian Layton
Help! :(
44002 by: Andy Coates
44009 by: Steffan Hoeke
About four months ago, I posed a problem to yahoo and hotmail about
a DOS attack against a mail server. It involved looping mail messages
between mail servers until the target was overwhelmed. They assured
me this was not possible - it had been thought of years ago and was
not possible.
Here
On Sun, Jul 02, 2000 at 01:23:20PM +1000, Brett Randall wrote:
} Ok, here's the deal:
}
} qmail-pop3d is NOT secure, nor are most other standard POP3 daemons. POP
} passwords are sent in cleartext and are not encrypted.
Yes, but if you use APOP, the password goes out in the clear but is
useless
On Sun, Jul 02, 2000 at 12:17:14PM +, george wrote:
I bring this up for one BIG reasons: I read one of qmail's features was
built-in looping control. Apparently, I am doing something wrong with
my QMAIL configuration.
Yup: You are forwarding postmaster mail. This is a guarantee for
On Sun, Jul 02, 2000 at 08:37:03AM -0400, [EMAIL PROTECTED] wrote:
On Sun, Jul 02, 2000 at 01:23:20PM +1000, Brett Randall wrote:
} Ok, here's the deal:
}
} qmail-pop3d is NOT secure, nor are most other standard POP3 daemons. POP
} passwords are sent in cleartext and are not encrypted.
Closing the gap slightly between qmail-local and procmail... I've
implemented a flow control feature in qmail-local for .qmail files.
If you have a sequence of lines like:
?label command arg ...
...
:label
it'll deliver the message to the command, and if the command exits
with status
I would like to know what I need to do to solve this error message :
qmail: 962558237.142034 delivery 162: deferral:
Unable_to_chdir_to_maildir._(#4.2.1)/
Roberto Samarone Araujo
On Mon, Jan 01, 1996 at 06:12:42AM -0200, Roberto Samarone Araújo (RSA) wrote:
I would like to know what I need to do to solve this error message :
qmail: 962558237.142034 delivery 162: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/
What's the command line for qmail-start ?
How did you
qmail: 962558237.142034 delivery 162: deferral:
Unable_to_chdir_to_maildir._(#4.2.1)/
What's the command line for qmail-start ?
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start ./Maildir/ splogger qmail
How did you create the Maildir ?
maildirmake
What are the permissions on
It works exactly the same as SSL and IMAP. You can encapsulate any
TCP connection in an SSL tunnel. This includes IMAP, POP3, telnet, or
even ssh or another SSL session, although the last two are pretty
pointless.
May anyone explain me what sense a SSL tunnel for POP3 does have (I've
been
On Sun, Jul 02, 2000 at 07:38:30PM +0200, Gabriel Ambuehl wrote:
May anyone explain me what sense a SSL tunnel for POP3 does have (I've
been wondering about that for long...)? I mean as long as SMTP
isn't encrypted the message already WAS unencrypted on the net so
why should I encrypt
qmail: 962558237.142034 delivery 162: deferral:
Unable_to_chdir_to_maildir._(#4.2.1)/
I was trying to solve this problem when I discovered that when I send an
internal email , it arrive in Maildir but , if I send an email from another
place , the qmail logs this message . Could you please help
On Sun, Jul 02, 2000 at 03:19:23PM -0300, Roberto Samarone Araújo (RSA) wrote:
qmail: 962558237.142034 delivery 162: deferral:
Unable_to_chdir_to_maildir._(#4.2.1)/
I was trying to solve this problem when I discovered that when I send an
internal email , it arrive in Maildir but , if I
On Sun, Jul 02, 2000 at 03:19:23PM -0300, Roberto Samarone Araújo (RSA)
wrote:
qmail: 962558237.142034 delivery 162: deferral:
Unable_to_chdir_to_maildir._(#4.2.1)/
I was trying to solve this problem when I discovered that when I send an
internal email , it arrive in Maildir but , if
amir:
How do you plan on using SSL with POP? I know that SSL and IMAP work
nicely together, but SSL and POP, never heard about that... maybe some
SSL proxying techniques???
APOP is the variant with challenging secrets.
clemens
[EMAIL PROTECTED]:
Yes, but if you use APOP, the password goes out in the clear but is
useless afterwards. Any client I can think of, including Eudora on my
no, apop challenges the client which has to respond with an encrypted version
of the password thus verifiable at the server. you can
I don't have any alias ... If a remote host send me an email , the qmail
doesn't put it in Maildir ... it logs the error message :
delivery 38: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/
Roberto Samarone Araujo
What exactly is APOP?
Is it supported by outlook and Netscape (ie typical clients)?
At qmail.org, I found :
http://www.geocities.co.jp/SiliconValley/4777/qmail/checkpw/index.html
This program seems to put the qmail password into the user's directory
for both POP and APOP.
Is the idea to allow
[EMAIL PROTECTED] wrote:
On Thu, Jun 29, 2000 at 11:54:55AM -0500, Ian Layton wrote:
Hello.
Your solution is to put your queue on a disk subsystem that can sync
at the rate you want to submit (and deliver). Some do this with a faster
disk, some do this with a partition that is spread
On Sun, Jul 02, 2000 at 12:53:04PM -0700, Joseph R. Junkin wrote:
What exactly is APOP?
APOP is an authentication mechanism for POP, in which passwords are not
transmitted cleartext but *do* need to be in a cleartext-list on the
server.
Is it supported by outlook and Netscape (ie typical
On Sun, Jul 02, 2000 at 01:58:40PM -0700, Eric Cox wrote:
[snip]
Just out of curiosity, has anyone tried loading up a machine with
gobs of RAM and then placing the queue on a ramdisk? I know this
would be dangerous for a production machine though, and I don't even
know if the whold
On Sun, Jul 02, 2000 at 11:47:20PM +0200, Peter van Dijk wrote:
On Sun, Jul 02, 2000 at 12:53:04PM -0700, Joseph R. Junkin wrote:
What exactly is APOP?
APOP is an authentication mechanism for POP, in which passwords are not
transmitted cleartext but *do* need to be in a cleartext-list on
Hi all
can anyone tell me how do i implement Pop Authentication on SSL ? i'm
using qmail-pop3d currently with checkpasswd..
regards,
Parag Mehta[EMAIL PROTECTED]
System Administrator.
Puretech Internet Pvt. Ltd.http://puretech.co.in/
77 Atlanta. Nariman Point.
A previously-compiled version is on my system. Qmail with rblsmtpd is the
only thing running from inetd, and I'm getting the following errors (a lot
of them):
Jul 2 20:21:31 cyrix inetd[810]: pid 27892: exit status 1
That seems to point to rblsmtpd. When I tried to recompile, thinking
I get the following errors when attempting to compile rblsmtpd-0.70 on Red
Hat 6.2 running kernel 2.2.16-3. Any ideas about how I can get this to
compile?
In file included from /usr/include/bits/posix1_lim.h:126,
from /usr/include/limits.h:30,
from
Initially I thought I saw your point, but I was wrong. You don't seem
to be making any sense.
On Sun, Jul 02, 2000 at 10:17:23PM -0400, Adam McKenna wrote:
[this sentence originally came after the next quoted block]
If he can find a security hole that allows him to read files
that don't
Adam McKenna wrote:
On Sun, Jul 02, 2000 at 04:52:25PM -0700, Tom Fishwick wrote:
Adam McKenna wrote:
On Sun, Jul 02, 2000 at 11:47:20PM +0200, Peter van Dijk wrote:
On Sun, Jul 02, 2000 at 12:53:04PM -0700, Joseph R. Junkin wrote:
What exactly is APOP?
APOP is an
The compile problem has been resolved. Even though rpm confirmed that all
the files where there, and working, things were still broken until I
forced an upgrade of the identical packages. *shrug* Who knows why? The
point is it works now.
I'm still curious to know what those exit 1 and exit 111
On Sun, Jul 02, 2000 at 08:37:24PM -0700, Todd A. Jacobs wrote:
/usr/include/bits/errno.h:25: linux/errno.h: No such file or directory
make: *** [txt.o] Error 1
Do you have the linux source tree installed on your box? I'm guessing
not.
Ben
--
The spectre of a polity controlled by the fads
Hi:
How can I get qmail to allow SMTP relaying based on my client SSL
certificate? When travelling my IP number changes, and I want to use
my secure SMTP server to send my mail.
TIA,
Adam Mackler
On Sun, Jul 02, 2000 at 09:30:41PM -0700, Todd A. Jacobs wrote:
On Sun, 2 Jul 2000, Ronny Haryanto wrote:
Installing the package kernel-headers will suffice. It's not necessary
to install the whole kernel source tree just to compile.
I have those, too: kernel-headers-2.2.16-3
Where
for example:
If I use ezmlm to build a mailling list.
Which has 26 subscribers : [EMAIL PROTECTED] -- [EMAIL PROTECTED]
All on the same host "remote.host"
Then I send a message to the mailling list, does qmail+ezmlm
1.Send ONE message to "remote.host". And let the MTA of "remote.host"
deliver
On Mon, Jul 03, 2000 at 12:17:05AM -0400, Adam McKenna wrote:
On Sun, Jul 02, 2000 at 08:44:23PM -0700, Brian D. Winters wrote:
Make the list readable only by root. Now a local user effectively
needs root access to read the APOP secrets. Once that local user has
rooted the box, I don't
34 matches
Mail list logo
