[PLUG] UW-Imap not running...

plug_0 at robinson-west.com
Wed May 31 06:29:29 UTC 2006


Firewalled off or blocked by tcp wrappers is a strong possibility.

Make sure you have visibility for squirrelmail.  If you are running
uw-imap on an ip address you have no route to from squirrelmail, it
definitely won't work.

One problem I'd run into with UW-IMAP is that it would crash when
it ran into non-mail files and tried to treat them as such.

Blithely picking a domain name does not strike me as a very good
idea.  This is one of the major downsides of ip networking and
why it's too bad that everything is going to it.  People use 
unregistered names on private networks only to get in trouble
when they interact with the Internet.  The Internet domain system
was not designed with private networks in mind.  Indeed, ipv6 is
trying to make available a global ip for every computer on the
planet.  As far as finding names for that many ip addresses, unique
ones that is, good luck.  One approach to the problem is redesigning 
the resolver libraries so that you can set up your own private dns 
hierarchy that is not related to the Internet system.  Another 
meaningful approach is to set up smtp servers that work like squid 
instead of using ip masquerading to go beyond your private lan.

My tip is to find out what root domain names will never be used on the
Internet and look into naming private hosts with those domains.  For
consideration, will .pri ever be an Internet domain?  How about .cox,
.lan, .home, etc?  Using a private domain name internally and 
still managing to interact properly with the Internet, that's the real 
challenge.  I use a registered name internally and externally because
I don't know how to set up my MTA otherwise.  I doubt it's the best way 
to do things, have two different ip addresses in two distinct
networks for the same name.  Where trouble arises is when the headers
of your email repeat the same hostname twice in a row.

The problem I see with TCP/IP networking is that the protocols seem
to be designed from the mindset that they will serve clients on one huge
network.  This is rarely true in today's day and age.  With the shortage
of address space on the Internet, most organizations and individuals are
pursuing network address translation to conserve address space, save money,
and ensure privacy.  IPv6's designers should have focused on this fact in
my opinion.  After all, you don't make all your private hosts directly
accessible from the Internet even if they are connected to it.  The other
gripe I have with IPv6 is that it's still experimental and I question if
it is going to be a true drop in replacement for IPv4 without obsoleting 
much of the installed IPv4 infrastructure.

I do not know how to enforce going from more restrictive tcp wrappers to less
restrictive ones without rebooting.  This is a common source of trouble when
setting up email servers.

Practically speaking, name shortage is a problem that will not be solved by
increasing the size of the ip address space.  There are only so many unique
names that aren't obnoxiously long.  I'm curious what is going to happen in 
the future when the available names are exhausted?

# netstat -nlpt

The latter at a root prompt will give you your tcp service ports, 
look for 143.

Internetwork name resolution is one area where I have great difficulty.
I would recommend using IPX/SPX instead of TCP/IP to implement a
private local area network except for the fact that IPX/SPX isn't 
free.

Get php webmail working checklist:
    0) Relevant IP routing, tcp wrappers, and firewalls configured.
    1) Name resolution is functioning properly.
    2) Imap server set up and working.
    3) Apache up and php functional.
    4) Webmail software installed and configured.

For many webmail programs, setting up your email system without it is a
prerequisite to using it.

I allowed Internet access to a webmail program on a web site for a while,
but it was too easily abused.  I now know that a jerk used eblaster
on a friend's computer to hijack our clear text transactions.  
Something to keep in mind, do you like webmail better than say, 
evolution or pine even?  Remote access via secure tunneling is something 
to seriously consider as a much more secure alternative.  I don't know
how to do this, but secret key authentication in place of passwords
could also be more secure.  You could carry the key on say a thumb
drive and replace it with a new secret every week or so.

Regards,

Michael C. Robinson

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
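
An added example, not part of the original message: a shell function that reads `netstat -nlpt` output and reports whether anything is listening on port 143 and on which address. That separates "IMAP is not running" from "IMAP is bound to an address the webmail host cannot reach". The function name and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Usage on a live host (as root, so the PID/Program column is filled in):
#   netstat -nlpt | imap_listener_scope
# Prints "<scope> <address> <pid/program>" for each listener on the port
# (default 143), or "none" when nothing is listening there.
imap_listener_scope() {
    awk -v port="${1:-143}" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = match($4, /:[0-9]+$/)        # position of the final ":port"
            if (n == 0) next
            p = substr($4, n + 1)            # port number
            a = substr($4, 1, n - 1)         # bind address
            if (p != port) next
            if (a == "0.0.0.0" || a == "::")      scope = "all-interfaces"
            else if (a ~ /^127\./ || a == "::1")  scope = "loopback-only"
            else                                  scope = "single-address"
            print scope, a, $7
            found = 1
        }
        END { if (!found) print "none" }
    '
}

# Constructed sample: the IMAP listener is bound to loopback only, so a
# webmail front end on another machine has no way to reach it.
SAMPLE_LOOPBACK='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:143           0.0.0.0:*               LISTEN      2311/xinetd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1987/httpd'

# Constructed sample: the web server is up but nothing listens on 143.
SAMPLE_NONE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1987/httpd'

printf '%s\n' "$SAMPLE_LOOPBACK" | imap_listener_scope
printf '%s\n' "$SAMPLE_NONE" | imap_listener_scope
```

A listener that shows up here can still be refused by tcp wrappers or a firewall, so this check only covers the "is it bound where the webmail host can reach it" part of the checklist.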


