Jeff Schroeder on 29 Jan 2003 03:40:01 -0000 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [hosers-announce] APOP now with real SSL flavor! |
At 01:18 PM 1/28/2003, Joel Uckelman wrote:
Since UW is planning to eliminate unencrypted POP3 access, I had to learn how to use POP3 over SSL, which made me curious about how difficult it would be to set up encrypted APOP on charybdis. As it turns out, not very hard at all. If you pull mail from charybdis (instead of reading it locally), you now also have the option of doing that over an SSL tunnel on port 995. I'm not sure if anyone else does this but me, but here's what to do to get it to work: 1. If you use fetchmail (Jeff?), add the 'ssl' keyword as a user option.
I already use a ssh tunnel for fetchmail. Settings are:user 'jeffs' there with password '<my password>' is 'jeffs' here options no rewrite
preconnect 'ssh -f jeffs@xxxxxxxxxxx -L 11110:ellipsis.cx:110 sleep 5'
2. If you use Eudora or Outlook, follow the instructions here: http://www.doit.wisc.edu/WiscMail/configuring/index.asp
I tried it with Eudora and got the error message"SSL Negotiation Failed: Certificate Error: Cert Chain not trusted. Try adding this certificate to your certificate database for SSL to succeed."
Then it says"Certificate bad: Destination nost name does not match host name in certificate."
I tried ellipsis.cx and charybdis.ellipsis.cx
Keep in mind that if you want to continue using normal APOP, you can just ignore this.
jeff _______________________________________________ hosers-announce mailing list hosers-announce@xxxxxxxxxxx http://lists.ellipsis.cx/mailman/listinfo/hosers-announce