From myers at vassar.edu Fri Apr 15 13:27:36 2005 From: myers at vassar.edu (Eric Myers) Date: Fri Apr 15 12:28:26 2005 Subject: [Unix-l] secure IMAP using Pine Message-ID: Pine is an e-mail client from the University of Washington which runs on Windows and Unix (including Mac's in a Terminal window). Pine can be used as an IMAP client to read mail from a central IMAP server, such as the one run by CIS. In normal operation IMAP is served over an unsecured link, which means that your e-mail password or other information could be sniffed from the network. Pine can also use an encrypted link to the IMAP server if the server supports it. Ours does -- the encryption is provided using SSL, the Secure Sockets Layer. So it is a good idea to turn on the encryption to keep your password and data safe. (This is the same as reading e-mail via webmail using https rather than http.) Using IMAP to read e-mail with SSL is easy. Go into the configuration menu and change your inbox-path to "{imap.vassar.edu/ssl}INBOX" (it probably looks just like this without the "/ssl"). Unfortunatly our outbound e-mial server does not seem to understand encryption yet, so to send e-mail you then have to turn encryption off. To do so change the configuration item "smtp-server" to read "smtp.vassar.edu/notls" (TLS is a newer name for SSL). -Eric Myers -- Eric Myers Einstein@Home Assistant Professor of Physics - Vassar College http://noether.vassar.edu/~myers/ Tel: +1 845-437-7351 PGP Key #6E2D2259: BA 39 1D 46 5E C3 0D 59 C2 AC 6F CB F9 20 4D C8 From dcalaf at vassar.edu Fri Apr 15 18:05:14 2005 From: dcalaf at vassar.edu (Dave Calafrancesco) Date: Fri Apr 15 17:05:32 2005 Subject: [Unix-l] secure IMAP using Pine In-Reply-To: References: Message-ID: <32797.209.87.233.99.1113599114.squirrel@webmail.vassar.edu> Eric Myers said: > > Unfortunatly our outbound e-mial server does not seem to understand > encryption yet, so to send e-mail you then have to turn encryption off. > To do so change the configuration item "smtp-server" to read > "smtp.vassar.edu/notls" (TLS is a newer name for SSL). > Actually the smtp system has been using tls for going on two years. We have more recently configured the system to respond on the old deprecated ssmtp port 465 so that those who have port 25 blocked by their ISPs can access our mail system remotely. That was enabled when the local ISPs changed their configurations to block outgoing smtp outside of their local networks. As always, we only accept email for relay if you are on campus, have recently accessed your email account via pop or imap or you are using authenticated smtp (with or without tls). If there is a configuration issue with smtp and tls that causes pine to not work, please let the helpdesk know so they can try to assist. For other clients, simply selecting the use TLS option seems to generally be the only required configuration. -- David Calafrancesco Vassar College SysAdmin dcalaf at vassar edu