how to use cyradm with imaps ?

Michael Menge michael.menge at zdv.uni-tuebingen.de
Sun Apr 20 17:11:45 EDT 2008 

Hi,

IMHO Cyradm does not support SSL, so to run Cyradm there has to run an IMAP
server. You can limit this IMAP server to the interface 127.0.0.1 so
it can only be reached from localhost.

It may be possible to run cyradm trough an openssl tunnel to connect to
IMAPS.

It would help to know why you don't want an IMAP server on Port 143 to
make some suggestions that will work for you.




Quoting Sébastien Rozier <sebastien.rozier at cybergaia.org>:

> Thanx for all your answers, but this is not my original question :-)
> " In fact, I don't use and don't want to use TLS, but IMAP over SSL."
> 	I don't want ANYTHING running on port 143.
> 	I don't want imap daemon running on my server, only imaps.
> 	I still want to be able to use cyradm, and use it through imaps 993.
>
> Is it possible ?
>
> Thanx,
> Seb
>
> -----Message d'origine-----
> De : Jorey Bump [mailto:list at joreybump.com]
> Envoyé : lundi 14 avril 2008 20:43
> À : Andrew Morgan
> Cc : Sébastien Rozier; info-cyrus at lists.andrew.cmu.edu
> Objet : Re: how to use cyradm with imaps ?
>
> Andrew Morgan wrote, at 04/14/2008 12:44 PM:
>
>> Isn't there a way to have Cyrus listen on the regular IMAP port (143)
>> but require a secure connection to login?  Some trick with
>> allowplaintext and/or sasl_minimum_layer?
>
> Yes. For example:
>
>    sasl_pwcheck_method: auxprop
>    sasl_mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
>    allowplaintext: no
>    sasl_minimum_layer: 128
>
> To connect with cyradm using TLS:
>
>    cyradm localhost -tls
>
>> Who cares if you listen on 143 as long as people aren't sending
>> passwords in the clear.  TLS is as good as SSL.
>
> Agreed. Furthermore, it stops a lot of brute force password cracking
> attempts dead in their tracks, since most don't attempt to use encrypted
> connections (they're looking for low hanging fruit, I guess).
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>



--------------------------------------------------------------------------------
M.Menge                                 Tel.: (49) 7071/29-70316
Universitaet Tuebingen                  Fax.: (49) 7071/29-5912
Zentrum fuer Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
Waechterstrasse 76
72074 Tuebingen

More information about the Info-cyrus mailing list