[imp] IMAP and Security issues
Joseph Formoso
jformoso@stevens-tech.edu
Fri, 9 Feb 2001 11:55:26 -0500
On Fri, 9 Feb 2001, Donnie Barnes wrote:
> First, can IMP speak imap-ssl? I'm not sure it should need to...
----------
No. However, what we do here is use stunnel (which has a site
at, not surprisingly, www.stunnel.org). Basically, you set up an
stunnel deamon on the machine where IMP runs, having it listen on some
arbitrary local port and connect to the imap-ssl port on your secure IMAP
box. You then configure IMP so that it makes its IMAP connection to
localhost:<arbitrary port>. stunnel accepts that connection and handles the
job of encrypting the connection from localhost to the imap-ssl port on
your secure IMAP box.
--Joe
-----
Joe Formoso (jformoso@stevens-tech.edu),
Senior Systems Administrator, OIT, Stevens Institute of Technology
>From chuck@horde.org Date: Fri, 9 Feb 2001 11:58:16 -0500
Return-Path: <chuck@horde.org>
Mailing-List: contact imp-help@lists.horde.org; run by ezmlm
Delivered-To: mailing list imp@lists.horde.org
Received: (qmail 33245 invoked from network); 9 Feb 2001 16:59:12 -0000
Received: from r94aag005136.sbo-smr.ma.cable.rcn.com (HELO marina.horde.org) (209.6.192.126)
by horde.org with SMTP; 9 Feb 2001 16:59:12 -0000
Received: by marina.horde.org (Postfix, from userid 33)
id 293B539F4; Fri, 9 Feb 2001 11:58:17 -0500 (EST)
Received: from 206.243.191.252 ( [206.243.191.252])
as user chuck@marina by marina.horde.org with HTTP;
Fri, 9 Feb 2001 11:58:16 -0500
Message-ID: <981737896.3a8421a8e12cd@marina.horde.org>
Date: Fri, 9 Feb 2001 11:58:16 -0500
From: Chuck Hagenbuch <chuck@horde.org>
To: imp@lists.horde.org
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs
Subject: Re: [imp] Problem with new php's rpms
Quoting "Brent J. Nordquist" <bjn@horde.org>:
> On Fri, 9 Feb 2001, Federico E. Petronio <petronio@ifeva.edu.ar> wrote:
>
> > $this->pt['s'] = '1'; $GLOBALS['imp'] = new ; $GLOBALS['s'] = '1';
> ^^^^^^^
> I'm not a PHP wizard but that looks suspicious.
Yeah, that's definitely broken. Now the question is why the session data is
corrupted, and only some of the time...
-chuck
--
Charles Hagenbuch, <chuck@horde.org>
"My intuitive grasp of math often leads me astray." -Me