[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Optimizing POP-3 Performance
- Subject: Re: [cobalt-security] Optimizing POP-3 Performance
- From: Harald Kapper <hk@xxxxxxxxxx>
- Date: Fri, 10 Oct 2003 03:21:56 +0200
- Organization: kapper.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Thu, 26 Jun 2003 09:28:06 -0500, you wrote:
>On Wednesday, June 25, 2003, at 03:32 PM, Harald Kapper wrote:
>
>> well simply get the latest qpopper is my solution here.
>>
>> ad) memory: raq4 units actually take 1 GB ram, though the specs only
>> talk about 512 MB :-)
>>
>> http://www.solarspeed.net/downloads/index.php you get the 4.05 (great
>> job solarspeed) ready as a .pkg and you probably feel comfortable then
>> ;-)
>> source: ftp://ftp.qualcomm.com/eudora/servers/unix/popper/
>>
>> btw. it's a really suggested upgrade for "older" raq2's and qube3's
>> (though I guess no .pkg is available) you get a lot of performance
>> there.
>
>Hey Harald,
>
>Care to share and notes you have about upgrading Qpopper on the
>Raq2/Qube2's? Is it a pretty straight forward download the source,
>untar it, ./configure, make, make install? Or are there some Cobalt
>gotchas to look out for?
>
hi
sorry somehow missed your email then - so this is a very late reply.
this is the configure-line I used and which worked fine.
it _might_ happen that you have to (after make - make install)
"mv /usr/sbin/qpopper /usr/sbin/in.qpopper"
in order to get your in.qpopper file in place, as this is configured
in /etc/inetd.conf
[might = I don't remember sorry]
# qpopper405 on raq2/mail:
./configure --prefix=/usr \
--enable-apop=/etc/pop.auth \
--with-popuid=pop \
--enable-specialauth \
--enable-servermode \
--enable-uw-kludge \
--enable-log-login \
--enable-shy \
--enable-poppassd \
--enable-timing \
--with-openssl \
--with-gdbm
the enabled servermode gives you performance versus the need for
qpopper to be the only app to access the mail-spool, additionally if
you have openssl installed the "with-openssl" enables pop3-ssl.
in other words if you plan on just upgrading, just leave the openssl
and servermode configure-parameters out and you're done.
if you're interested in pop3ssl, you can add the following lines to
your /etc/services file:
pop3s 995/tcp # POP3 SSL enabled
and change+add the following in your /etc/inetd.conf:
pop-3 stream tcp nowait.200 root /usr/sbin/tcpd in.qpopper -f
/etc/qpopper.conf
pop3s stream tcp nowait.200 root /usr/sbin/tcpd in.qpopper -f
/etc/qpopper_pop3ssl.conf
of course both lines above should not be word-wrapped!
then I wrote those two files:
[root /etc]# cat qpopper.conf
# config file for qpopper4.0.5 with stls (explicit ssl on port 110)
# hk@xxxxxxxxxx
set trim-domain = true
set tls-support = stls
set tls-server-cert-file = /etc/mail/certs/public_cert.pem
set tls-private-key-file = /etc/mail/certs/private_key.pem
set fast-update = true
and the other one goes like this:
[root /etc]# cat qpopper_pop3ssl.conf
# config file for qpopper4.0.5 with implicit ssl on port 995
# hk@xxxxxxxxxx
set trim-domain = true
set tls-support = alternate-port
set tls-server-cert-file = /etc/mail/certs/public_cert.pem
set tls-private-key-file = /etc/mail/certs/private_key.pem
set fast-update = true
take care: don't set "fast-update = true" if any users are doing
shell-accessed-emails, this might break this stuff.
(also read the manual of qpopper on this and on --enable-servermode)
but hey, there is at least one good news: openssl compiling on a raq2
is still plain forward: ./config; make; make test; make install
hth,
Harald Kapper, icq# 36178328 kapper.net, inc.
managing director loeblichgasse 6
chief software development 1090 vienna, .at
tel +43 1 3195500-0, fax +43 1 3195502, hk@xxxxxxxxxx
--------------quote.of.the.year--------------
Some people have an horizon of radius zero
and call this their standpoint.
-- Albert Einstein