[nSLUG] Re: Greetings, I just subscribed

Dop Ganger nslug at fop.ns.ca
Sat Aug 14 12:43:59 ADT 2004


On Fri, 13 Aug 2004, Mike Spencer wrote:

> Dop wrote:
>
> > Just try and make sure you're not pulling the mail from the remote server
> > using plaintext - use pop3s, or worst case, pop3 over ssh.
>
> Is there an RFC for "pop3s"?  Might one implement this with
> roll-yr-own scripting?

Mmmm... I don't believe so (although pop3s/imaps have been allocated port
numbers). According to RFC2595, TLS POP3 is preferred so a separate port
number is required. According to real life, it's a damn sight easier just
to run stunnel and get it to relay on to pop3 bound to 127.0.0.1. QPopper
is the only pop3 daemon I could find on a quick search that explicitly
supports TLS, and I'm not overly sure how well it's supported client side.
pop3s I know for sure is pretty well supported, even by Microsoft clients.
Plus pop3s has the advantage (for high throughput sites) that you can
separate the SSL processing from the POP3 processing onto separate
machines.

Cheers... Dop.

!DSPAM:411e3345111231580413312!




More information about the nSLUG mailing list