Topic: SME POP3S- SSL

[ber]

Hi, have looked extensively in the user manuals and cant find any info regarding disabling SSL on the POP3 protocol.
Is this feature able to be disable and run pop3 protocol without encryption?

Thanks

[warren]

Hi, have looked extensively in the user ....

http://wiki.contribs.org/SME_Server:Documentation:Administration_Manual:Chapter13

[CharlieBrady]

Hi, have looked extensively in the user manuals and cant find any info regarding disabling SSL on the POP3 protocol.
Is this feature able to be disable and run pop3 protocol without encryption?

You don't need to disable POP3S, just use POP3 rather than using POP3S. Note that POP3 is usually not available from outside your local LAN. You would need to use the config command to set the 'access' property to 'public' to enable global access to pop3 - but that is not recommended, as your usernames and passwords would be accessible to sniffing.

Why do you want to disable POP3S?

[ber]

HI the server is hosting multiple domains for clubs and organizations.
The SSL config prompts our clients every time they download there emails through outlook or express.
This is a nuisance, I understand the security feature, is there a way of memorizing SME certificate so that there email client doesn't prompt for confirmation of certificate?
Thanks

[ber]

also access for emails are outside the local network via internet.

[janet]

ber

The SSL config prompts our clients every time ...... is there a way of memorizing SME certificate so that there email client doesn't prompt for confirmation of certificate?

I'm assuming you are using the self signed certificate issued by sme server.
When they configure the email client, tell them to use the appropriate servername for Incoming and Outgoing servers eg
servername.yourdomain.com
instead of
mail.yourdomain.com

...and of course get them to add the certificate to their browser the first time they access using https://...

[CharlieBrady]

The SSL config prompts our clients every time they download there emails through outlook or express.
This is a nuisance, I understand the security feature, is there a way of memorizing SME certificate so that there email client doesn't prompt for confirmation of certificate?

That depends on what client they use. Outlook and OE (which should *not* be used) can be told to remember a certificate which would otherwise not be trusted. But I see mary has already told you that.

If you want no warnings from any client, then you need to buy a certificate signed by one of the big companies trusted by the client software. But you will still need to tell people to use a hostname in their configuration which matches what is stored in the certificate. However, if you are clever about the way you make the certificate, it can include multiple hostnames. Search the web for "Subject Alternative Names" or "Subject AltNames" for more details.

[warren]

Outlook and OE (which should *not* be used)....

Charlie, out of curiosity- ignorance, whats wrong in using OE ? 

[byte]

Charlie, out of curiosity- ignorance, whats wrong in using OE ? 

They are M$ products 

[warren]

They are M$ products 

Walked Slap Bang into that one   

[CharlieBrady]

Charlie, out of curiosity- ignorance, whats wrong in using OE ? 

It's probably the most egregious vector of viruses known to man. And it also eats mail folders.