Question (pop/imap over ssl)

Michael Dexter wrote:
> 
> Hello,
> 
> I have the same question and found the same answer on
the wiki. Perhaps
> both Jorge and I are asking, "is dbmail imapd-ssl
planned?" Stunnel is
> good for those in the know but will be an
administration challenge with
> ordinary users plus can require acrobatics if checking
multiple accounts.

The only challenge in setting up stunnel is in obtaining a
(self-signed?) certificate. And that very same challenge
will not go
away if and when dbmail acquired STARTTLS capabilities.

For SSL/TLS you will allways need a valid certificate and
some
understanding as to the why.

Disto maintainers *can* make things easier by offering to
generate
self-signed dummy certificates, and setting up things like
stunnel for
joe-user. But that's about it.

Finally, I don't quite understand what you mean by
acrobatics when
checking multiple accounts...

I've updated the wiki entry a bit. It was a bit sparse on
details. Hope
that helps.

-- 
 
____________________________________________________________
____
  Paul Stevens                                      paul at
nfg.nl
  NET FACILITIES GROUP                     GPG/PGP:
1024D/11F8CD31
  The Netherlands________________________________http://www.nfg.nl
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail

Hello,

>  > I have the same question and found the same
answer on the wiki. Perhaps
>>  both Jorge and I are asking, "is dbmail
imapd-ssl planned?" Stunnel is
>>  good for those in the know but will be an
administration challenge with
>>  ordinary users plus can require acrobatics if
checking multiple accounts.
>
>The only challenge in setting up stunnel is in obtaining
a
>(self-signed?) certificate. And that very same challenge
will not go
>away if and when dbmail acquired STARTTLS capabilities.

Perhaps I am missing something: the tunnel is only active
server side 
and joe-user need only click "use ssl" in their
mail client, or they 
must create a tunnel from between their desktop and the
server, and 
point their mail client at localhost? (I am hoping not but
this is 
how I understand it to work after hours of searching. An
example with 
webdav: 
http://www.macosxhints.com/article.php?story=20040
303143205326)

>Finally, I don't quite understand what you mean by
acrobatics when
>checking multiple accounts...

This is in the client-to-server tunnel scenario where a
different 
tunnel would be required for each imap server one connects
to.

>I've updated the wiki entry a bit. It was a bit sparse
on details. Hope
>that helps.

Appreciated but I am still hung up on the structural issue
of what 
client configuration is necessary, having not used stunnel
yet.

Best regards,

Michael Dexter
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail

Hello all,

Thanks for the pointers on ssl.

In my research I came across this:

[Dbmail] dbMail with Radius Server
http://mailman.fastxs.net/pipermail/dbmail/
2004-September/005460.html

"Here is what we have for using dbmail users for
freeradius.  You will have to
do some work though.  We had to add the radius specific
tables to the dbmail
database, and add the radius specific columns to the users
table."

As I sit here thinking of a strategy to connect OpenLDAP or 
FreeRadius to an SQL database and then provide
authentication for 
various daemons, I realized that dbmail is the only non-db
daemon I 
am considering that natively uses a database for users.
(MySQL does, 
Cyrus IMAP can.)

Does anyone else have pointers/How-To's/war-stories about
sharing 
other user databases with dbmail's? Specifically:

MySQL's user db. (No pressing need to in my case)
Zope's eXternalUserFolder/*SQL
LDAP
FreeRadius (as above)

Has anyone encountered situations where the common data
formatting is 
incompatible between daemons? (case, case sensitivity etc.)

Many thanks,

Michael.
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail