Korea FreeBSD Users Group News, Internal, Projects, Home
Software, Support, Documentation

[KFUG] qpopper ssl


[ ³¯Â¥¼ø »öÀÎ ] [ ´ñ±Û¼ø »öÀÎ ] [ ÃÖ»óÀ§ »öÀÎ] [ °Ë»ö]

[ÀÌÀü ±Û] [´ÙÀ½ ±Û] [ÀÌÀü ´ñ±Û] [´ÙÀ½ ´ñ±Û] 

안녕하세요,
동아리 아우들을 위하야,, 받는편지서버 쩌매 셋팅한다고,,
qpopper 를 설치했습니다. 근데 그냥 할라니깐,, 너무 맨숭하고 그래서,,
접속할때,, 약간 안전하게 할라고,, qpopper 에 ssl 을 추가했습니다.
근데 테스트 결과 qpopper서버 에 ssl접속 이  되는게 있고 안되는게 있어요,,
되는거: mutt(freebsd),outlook(windows98) 안되는거: thunderbird(windows98)
질문: thunderbird가 ssl접속이 잘 안되는 원인이 서버측 문제인지,, 클라이언트 문제인지 그걸 알고싶습니다.

바로 아래건 서버&클라이언트 측 로그구욤;;
// Server 로그: qpopper
Dec 13 23:12:27 izb qpopper[34672]: OpenSSL error during handshake
Dec 13 23:12:27 izb qpopper[34672]: ...SSL error: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
Dec 13 23:12:27 izb qpopper[34672]: TLS/SSL Handshake failed: -1
// Client 로그: ThunderBird
Could not establish an encrypted connection 
because certificate presented by izb.knu.ac.kr is invalid or corrupted.
Error Code:-8182

아래건 서버측 설정 상태입니다,,,
// 서버측 설정
1. 서버 버전: qpopper-4.0.5_1     Berkeley POP 3 server (now maintained by Qualcomm)
2. 설치 옵션: 포트에서 설치함 - WITHOUT_APOP=yes, qmail 지원, 나머진 기본 
3. /etc/inetd.conf
pop3 stream tcp nowait root /usr/local/libexec/qpopper qpopper -s -f /usr/local/etc/qpopper/STLS-110.conf
pop3s stream tcp nowait root /usr/local/libexec/qpopper qpopper -s -f /usr/local/etc/qpopper/TLS-995.conf
3. ls -l /usr/local/etc/qpopper/
total 5
drwx--x--x  2 pop   daemon   512 12 13 23:02:29 2004 ./
drwxr-xr-x  9 root  wheel   1024 12 12 19:38:29 2004 ../
-r--r-----  1 pop   daemon   158 12 13 02:44:34 2004 STLS-110.conf
-r--r-----  1 pop   daemon   190 12 13 21:59:34 2004 TLS-995.conf
-r--r-----  1 pop   daemon   279 12 13 23:02:05 2004 qpopper.conf
4. cat /usr/local/etc/qpopper/qpopper.conf
set statistics
set downcase-user
set timeout = 180
set reverse-lookup = 1
set clear-text-password = tls
set tls-options = 0x00000800
set tls-server-cert-file = /etc/mail/certs/pop3cert.pem
set tls-private-key-file = /etc/mail/certs/pop3key.pem
5. cat /usr/local/etc/qpopper/STLS-110.conf
set tls-support = stls
set config-file = /usr/local/etc/qpopper/qpopper.conf
6. cat /usr/local/etc/qpopper/TLS-995.conf
set tls-support = alternate-port
set config-file = /usr/local/etc/qpopper/qpopper.conf
7. ls -l /etc/mail/certs
total 5
drwxr-xr-x  2 root  wheel   512 12 13 20:30:58 2004 ./
drwxr-xr-x  4 root  wheel  1024 12 13 20:30:13 2004 ../
-rw-r--r--  1 root  wheel  1111 12 13 20:25:20 2004 pop3cert.pem
-rw-r--r--  1 root  wheel   887 12 13 20:23:56 2004 pop3key.pem
8. 소켓 LISTEN 상태
netstat -an -f inet | grep .110
tcp4       0      0  *.110                  *.*                    LISTEN
netstat -an -f inet | grep .995
tcp4       0      0  *.995                  *.*                    LISTEN

참조한 문서는 
http://www.vanemery.com/Protocols/POP/qpopper-bsd-howto.html
http://www.eudora.com/products/unsupported/qpopper/faq.html
qpopper(8), 구글!

인샬라... - _ -
_______________________________________________
한국 FreeBSD 사용자 그룹(KFUG) questions 메일링 리스트
questions at kr.FreeBSD.org
http://www.kr.FreeBSD.org/mailman/listinfo/questions
[ ³¯Â¥¼ø »öÀÎ ] [ ´ñ±Û¼ø »öÀÎ ] [ ÃÖ»óÀ§ »öÀÎ] [ °Ë»ö]
Copyright © 1998-2005 Korea FreeBSD Users Group.
All rights reserved. webmaster at kr.FreeBSD.org
$Date: 2004/12/14 11:47:56 $ 		Powered by FreeBSD