[CentOS] Creating a Roaming imap account

Tue Feb 5 17:50:03 UTC 2008
Anne Wilson <cannewilson at googlemail.com>

On Tuesday 05 February 2008 17:20:18 Bill Campbell wrote:
> On Tue, Feb 05, 2008, Anne Wilson wrote:
> >This (CentOS5.1) box is my new imap server.  Using
> >system-config-security-level I opened port 143 tcp, and mail is readable
> >throughout the LAN.  I want a Roaming account on my laptop so that I can
> > read mail while away from home.  I have set up the account in kmail, and
> > I know that that part is correct, as it worked on my old, less-secured,
> > imap server. However, I haven't been able so far to make a connection.
> >
> >Do I need 143 udp open?  What else must I do to allow me to connect over
> > WAN?
>
> You should have port 993 open which provides security via SSL.
> One can use TLS to initiate connections via port 143, but this
> may result in unencrypted logins which result in your username
> and password being sent in clear text across the Internet.
>
> You will also have to make provisions to allow mail relaying from
> the roaming IP for the duration of the authenticated connection
> (assuming that your mail server is not an open relay which will
> get it black listed pretty quickly).  There are various ways to
> handle this.  We have used WHOSON for years which doesn't require
> any action on the part of the IMAP client.  One can also use SMTP
> AUTH, POP/IMAP before SMTP, or other methods.
>
> It would probably be easier to set up OpenVPN so you can tunnel
> from the remote systems into your private network, then connect
> via the private IP address for IMAP and SMTP sending.  Once one
> has generated the proper keys for the OpenVPN connections, it is
> easy to make the connections (and easy to revoke them as well).
> There are OpenVPN clients for the Microsoft virus, Windows, OS X,
> and every version of Unix I've used.
>
It sounds very complex.  I did try, a little while back, to set up OpenVPN, 
but couldn't understand the settings that I was asked to give.  I read three 
or four how-tos, without feeling any wiser.  I got as far as generating the 
keys, but the instructions seemed to stop there.  Then I bought a book - only 
to find that it was out of date, and nothing was the same as it said :-(  The 
software was two or three version later and quite different.  If you know a 
good how-to for someone with no previous knowledge I'd be glad to hear of it.

Anne
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos/attachments/20080205/8f5cffea/attachment-0005.sig>