Hi folks, On Wed, 2003-01-22 at 18:30, Michael M. Dienel wrote:
Hi list,
i have a question about the following problem i'm facing:
I want to use a secure conection to my POP3-service and i'll be able to send mail via smtp. To prevent an open-relay mailserver i set up pop-before-smtp from http://popbsmtp.sourceforge.net. It is using /var/log/mail to update its IP-adress-database to verify access to smtp. Now i'm not shure about the right setup in xinetd.conf: [xinetd.conf]
Version 2 creates only access from 127.0.0.1 in /var/log/mail. This prevents pop-before-smtp from updating its database but all data is sent via an ssl connection to the server.
Now my questions: Is data in version 1 also send via ssl or only some parts like userid and password or nothing? If nothing is send via ssl: How to configure stunnel to send the original ip-adress to /var/log/mail?
I dont think so, but: What about using qpopper with inbuild SSL/TLS? Then an entry to /var/log/mail looks like: Jan 23 09:50:01 pop3host qpopper[9173]: (v4.0.4) TLSv1/SSLv3 handshake with client at pop3host (333.333.333.3); new session-id; cipher: RC4-MD5 (RC4-MD5 SSLv3 Kx=RS A Au=RSA Enc=RC4(128) Mac=MD5 ), 128 bits Jan 23 09:50:01 pop3host qpopper[9173]: Stats: user 0 0 3 19971 pop3client 333.333.333.4 Now your popbstmp should be able to parse these entries. Greetings Carsten