Monday, November 15, 2010

A quick guide to setting up imap on solaris

A quick guide to setting up imap on solaris


Installing packages

Get the following packages from www.sunfreeware.com:

openssl-0.9.8e-sol10-sparc-local
imap-2006e-sol10-sparc-local

and install both of them

/etc/services configuration

Ensure the following /etc/services entries are present
pop2 109/tcp pop pop-2 # Post Office Protocol - V2
pop3 110/tcp # Post Office Protocol - Version 3
imap 143/tcp imap2 # Internet Mail Access Protocol v2
imaps 993/tcp

inetd configuration

The inetd configuration on Solaris 10 is a pain to setup now that you cant just edit inetd.conf, however you can use inetd.conf as an input to inetconv.

This is the easiest way !

Add in the following to inetd.conf

pop stream tcp nowait root /usr/local/sbin/ipop2d ipop2d
pop3 stream tcp nowait root /usr/local/sbin/ipop3d ipop3d
imap stream tcp nowait root /usr/local/sbin/imapd imapd
pop3s stream tcp nowait root /usr/local/sbin/ipop3d ipop3d
imaps stream tcp nowait root /usr/local/sbin/imapd imapd

Then run
#inetconv -f

to create the service entries. Then use inetadm to check they are ok.

root@host: inetadm | egrep "pop|imap"


enabled online svc:/network/pop3/tcp:default
enabled online svc:/network/imap/tcp:default
enabled online svc:/network/pop3s/tcp:default
enabled online svc:/network/imaps/tcp:default
enabled online svc:/network/pop/tcp:default

SSL configuration

Then you need to create SSL certificate as imapd will not accept plain text authentication

If you dont you will see the following type of errors in syslog when you try to connect with a plain text passwd.

Mar 29 09:56:58 myserver imapd[6959]: [ID 210418 auth.notice] Login disabled user=user1 auth=user1 host=myotherserver.example.com [10.11.12.13]



Use openssl to create certificate for imap.



cd /usr/local/ssl/certs

/usr/local/ssl/bin/openssl req -new -x509 -nodes -out imapd.pem \

-keyout imapd.pem -days 365

This should create an imapd.pem certificate file in the cert directory

Client configuration

Then in the account options on your mail client (netscape, outlook etc) choose the option to authenticate using SSL.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)