Enabling POP3 and IMAP
From EnGardeWiki
Contents |
Introduction
There are some instances in which it is desirable to (however still not recommended) to use POP3 or IMAP as opposed to the default SPOP3 and SIMAP. In order to make that change, follow the instructions below. Being that this is an insecure setup (and something not recommended), there is not an option to configure this in the WebTool.
Logging In
First login to the server as root and switch roles. This can be accomplished with the following command:
[root@mail ~]# newrole -r sysadm_r Authenticating root. Password:
Enter the root password to authenticate and you'll be switched into the sysadm_r role.
Xinetd Changes
Now that you have the ability to make changes to the system files, do the following to enable POP3 and/or IMAP xinetd services. Instructions are given for both services (POP3/IMAP), you can choose to either or both of them.
POP3 Instructions
cp -a /etc/xinetd.d/{spop3,pop3}
Now you will see a file in /etc/xinetd.d/ named pop3 with the exact same characteristics of the spop3 file. Open up the file for editing and change the service line in the file to read:
service pop3
It will originally have said service spop3.
IMAP Instructions
cp -a /etc/xinetd.d/{simap,imap}
Now you will see a file in /etc/xinetd.d/ named imap with the exact same characteristics of the simap file. Open up the file for editing and change the service line in the file to read:
service imap
It will originally have said service simap.
Restart xinetd and ensure the changes have taken effect.
[root@mail ~]# /etc/init.d/xinetd restart [root@mail ~]# netstat -tl | grep pop3 tcp 0 0 *:spop3 *:* LISTEN tcp 0 0 *:pop3 *:* LISTEN
Assuming you did not remove the file /etc/xinetd.d/spop3, you will have the above two lines of output showing you that pop3 and spop3 are enabled and running. To check for IMAP, simply replace 'pop3' with 'imap'
Security In Mind
Not letting the idea of security escape us, we will now use WebTool to add the IP addresses that will be accessing our mail server. This can be accomplished using the WebTool's 'Access Control' module. For example, if I were going to allow the entire 192.168.1.x class of IP address to access my POP3 mail server, I would login to the WebTool and go to the 'Access Control' module which is located under the 'System' menu. I would then scroll down to the SPOP3 IP address listing and enter
192.168.1.
into the input box and click on the 'Add' button. If I was using IMAP instead of POP3 then I would add the IP address to the IMAP IP address listing.
More information about using the Access Contol module can be found in the 'Quick Start Guide' at http://www.engardelinux.org/doc/guides/engarde-quick-start-guide-3.0/engarde-quick-start-guide-3.0/webtool-access-control.shtml
Conclusion
This is all that is required to use POP3 and/or IMAP on an Engarde Secure Linux server. Once you have followed the above steps to enable POP3 and IMAP, the WebTool can be used to disable and enable POP3 and IMAP. Remember to keep the server secure by only allowing those IPs which access the mail server to be listed in the 'Secure Access' module since everything that goes over POP3 and IMAP is in plain text (including authentication).
Categories: Tips | Email
