Blue Flower

Monday, 06 July 2015 01:31

Enabling Qmail-POP3DSSL for Courier IMAP

Written by
Rate this item
(0 votes)

This guide will eventually be replaced by dovecot but I will leave this up for archival reasons.

Basically you will want to use qmail-pop3dssl if you want a completely secure setup which includes smtp and pop3 ssl or tls. This section will cover installing pop3d via ssl.

First lets get the scripts copied over:


# cd /var/qmail/supervise/
# mkdir -m 1755 qmail-pop3dssl
# cd qmail-pop3dssl
# fetch http://freebsdrocks.net/files/service-pop3ssl-run
# mv service-pop3ssl-run run
# chmod 755 run
# mkdir -m 1755 log
# cd log
# fetch http://freebsdrocks.net/files/service-any-log-run
# mv service-any-log-run run
# chmod 755 run

Create the pop3d-ssl cert by running the following command:


# cd /usr/local/share/courier-imap
# openssl req -new -x509 -nodes -out pop3d.pem -keyout pop3d.pem -days 3650

When you run this command, It is going to ask you a series of questions. it will ask you for the Country, City or Province, Locality, and Organization name all of which are optional. The next thing it will ask you is very important which is the common name. This will be the name people will be putting into their pop3d ssl server name. For instance, If all your users type pop3.ssl.server into their pop3 server name, then thats what you will want to put into the Common name. If you don't, your users will get a nag screen everytime they open up their mail client which can cause confusion and often upset users.

Now to copy a new conf files:


# cd /usr/local/etc/courier-imap
# cp pop3d.cnf.dist pop3d.cnf
# cp pop3d-ssl.dist pop3d-ssl

Modify /usr/local/etc/courier-imap/pop3d-ssl so it includes the below lines:


POP3DSSLSTART=YES
TLS_CERTFILE=/usr/local/share/courier-imap/pop3d.pem

Now lets start the service:


# ln -s /var/qmail/supervise/qmail-pop3dssl /service/qmail-pop3dssl

Now if you run:


# svstat /service/qmail-pop3dssl /service/qmail-pop3dssl/log

You should get something like:


/service/qmail-pop3dssl: up (pid 26984) 156 seconds
/service/qmail-pop3dssl/log: up (pid 26711) 323 seconds

 

You're done! POP3D-SSL is setup and ready!

Now lets remove the 2 startups scripts in /usr/local/etc/rc.d:


# rm /usr/local/etc/rc.d/courier-imap-pop3d
# rm /usr/local/etc/rc.d/courier-imap-pop3d-ssl

Read 2312 times Last modified on Monday, 06 July 2015 01:31

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.