[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Enabling IMAP access

> - How do I allow this only over SSL (i.e., imaps)?

If you choose to run the Courier IMAP service, then you would set

... in /etc/courier/imapd:
ADDRESS=127.0.0.1

... in /etc/courier/imapd-ssl:
SSLADDRESS=0
This would allow the webmail client to access the IMAP service locally, and require that all remote clients connect with SSL. 


> - Is there a greater security risk in opening this up rather than
> allowing only webmail?

Probably not, but you may wish to check the appropriate list archives.


> How do I accomplish that? or is that what IMAP is for?
Popular IMAP clients like Outlook Express and Mozilla Mail keep mail on the server until the user deletes it. 


Roberto Sanchez wrote:
I have this Woody server (I've written about it several times before). Anyhow, I ported the mail configuration over from the previous server (RH 9), which the previous admin had setup using IMAP and IMP, for users to be able to access their mail via webmail. For some reason he chose to only allow webmail access. I would like to be able to let my users have other means of accessing their mail. 

My questions:

- How do I allow this only over SSL (i.e., imaps)?
- Is there a greater security risk in opening this up rather than allowing only webmail? - I am not totally well versed in the various mail protocols, but I want to be able to keep the mail on the server, raher than having it deleted once downloaded (like POP does). How do I accomplish that? or is that what IMAP is for? 

-Roberto
Reply to: