[email protected] writes:
Hi,I realized that I have a vague understanding of how IMAP+TLS actually works. Will it work like SSH (i.e., public-key cryptography)?
It works exactly like SSL for HTTP.
Is it necessary to create a certificate? (Why?) Can I just use keys?
No. This is SSL/TLS. Which needs a certificate.
How to create a certificate for a TLS_CERTIFILE? I've already created one when I was configuring Postfix: [1] touch smtpd.key chmod 600 smtpd.key openssl genrsa 1024 > smtpd.key openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt # has prompts openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650 # has prompts sudo mv smtpd.key /etc/ssl/private/ sudo mv smtpd.crt /etc/ssl/certs/ sudo mv cakey.pem /etc/ssl/private/ sudo mv cacert.pem /etc/ssl/certs/ Can I use it? Will it be better to create a new certificate?
You can use it, just concatenate cakey.pem and cacert.pem into a single file.
I'm going to use OpenSSL. Should I comment or somehow disable GnuTLS-related options in /etc/courier/imapd-ssl?
No, you can leave them alone.
Could you elaborate on TLS_VERIFYPEER? What will happen if I set it to NONE?
It is already NONE, by default.
Should I disable IMAP over SSL if I want to use TLS? I have the
That's up to you.
following in imapd-ssl: IMAPDSSLSTART=NO IMAPDSTARTTLS=YES My Maildir is located in /home/user. Should I set MAILDIRPATH to /home/user/Maildir? Will it work with MAILDIRPATH=Maildir?
The IMAP and the POP3 server expect to find the mailbox by taking the authenticated user's home directory, followed by the fixed MAILDIR setting. So, if your mailboxes are in $HOME/Maildir, for each account, MAILDIRPATH=Maildir is correct.
Can I remove courier-pop and courier-imap if I don't want to use unencrypted protocols? Will it affect the packages that work with encrypted protocols (e.g., imapd-ssl)?
Not familiar with how your packages were put together. Ask the packager. Generally, it should not be possible to remove a package if another package depends on it.
pgpMqlIisHKAF.pgp
Description: PGP signature
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________ Courier-imap mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
