Loading...

courier-imap@lists.sourceforge.net

[Prev] Thread [Next]  |  [Prev] Date [Next]

[Courier-imap] disable STLS capability on POP3 Curtis Doty Wed Nov 08 12:04:24 2006

I recently just inherited a very old installation of courier and began the 
process of bringing it out of the dark ages.

For the time being, it has no TLS and I am tasked with simply brining the 
pop3 and imap services up to date. Later, I'll enable SSL.

The platform is FreeBSD 4-STABLE and upgrading to courier-imap 4.1.1 from 
the packages collection.

There were no problems getting the authlibs running on different sockets 
so I can test both the new and old in parallel. However I noticed a slight 
change in the CAPA output:

old:
+OK Hello there.
CAPA
+OK Here's what I can do:
TOP
USER
LOGIN-DELAY 10
PIPELINING
UIDL
IMPLEMENTATION Courier Mail Server

new:
+OK Hello there.
CAPA
+OK Here's what I can do:
STLS
TOP
USER
LOGIN-DELAY 10
PIPELINING
UIDL
IMPLEMENTATION Courier Mail Server

Being a somewhat pedantic postmaster, I tried briefly to disable the STLS 
offering so as to streamline the transition and make it transparent to the 
thousands of users. However I had no luck and went live with the 
transtion.

A very small number of clients (Eudora for sure; maybe Outlook Express) 
reported they could "no longer connect securely". Which baffled me since 
I'd already verified we had no TLS anywhere.

After some head-scratching, I finally got one user to disable the 
*attempt* to use security and his problems went away. Apparently Eudora 
led him to believe that TLS was in effect, when it was mererly attempting 
to do so. Which never produced any errors on the old courier that never 
offered STLS as a capability.

However, the new courier says it can do STLS when it actually cannot. Nor 
do I wish to. At a *later* date, I will generate the proper STARTTLS 
config/daemon running on the proper pop3s port.

How on earth do I positivly disable the STLS CAPA on POP3? Or is this 
really just a FreeBSD packaging issue?

../C


-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Courier-imap mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap