Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Adam Procter wrote:
> On Mon, 6 May 2002, Ian Scott wrote:
>
>>Are there plans on locking down POP and IMAP to SSL/TLS only?
>
> I think we'll probably do that, yeah. (Anyone know how widespread the
> support for this is among clients? /me is sort of clueless here ;-))
Mutt, Pine, Mozilla, Netscape 4, Eudora, Outlook and Outlook Express all
support SSL POP and IMAP. Mutt and Pine may require some extra
monkeying around, but the support is definitely there in the more
'commercial' MUAs. Eudora has some funky hoops to go through when using
a self-signed certificate (rather than just an 'accept this cert'
button) but it does work well after wading through several dialog boxes.
> What other IMAP daemons are there? (thus spake the lifelong
> telnet/ssh/pine user)
Well, as far as I know, UW-IMAP is the only IMAP server that supports
the traditional /var/spool/mail and ~/mail mailboxes. The UW IMAP and
POP daemons have historically been pretty unsecure, but I haven't heard
any bad things recently. Keeping on top of Debian security updates
should keep things pretty safe.
There's Courier-IMAP, which is what we use in our qmail setup at work.
It supports SSL and uses the Maildir format exclusively (~/Maildir/
contains your INBOX and all other folders) which would undoubtedly cause
some migration pains, though there are some great mbox2maildir scripts
out there. Mutt and Pine also support Maildir. Courier has a POP
daemon too.
Eudora's qpopper is quite popular POP daemon that supports SSL and
traditional mboxes, but I really have no idea about how secure it is.
There's also a gnu.org pop3d and imapd in the works, but it seems to be
in an embryonic state.
So, anyway, maybe the best option is to keep what we have (though we
probably should move to Postfix) and just keep an eye out for the Debian
security updates.
Ian
--
To unsubscribe, go to http://mlug.missouri.edu/members/edit.php
Archives are available at http://mlug.missouri.edu/list-archives/
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact