POP over SSL


Updated: 2001.08.24

POPサーバを起動するには、inetd または xinetd などの 「スーパ…こちらを御覧下さい。


POP Server

メール・サーバに届いたメールを、…

  • POP (Post Office Protocol)
  • IMAP (Internet Message Access Protocol) があります。今回は POP について説明します。

    POPプロトコル
    USER uid  uidとしてloginする。
    PASS password  認証のためパスワードを送る。
    STAT  メールの個数とmailboxのサイズを調べる。
    LIST  各メールとそのサイズの一覧を表示する。
    RETR n  n番目のメールを…
    DELE n  n番目のメールを削除する。
    RSET  リセットする(加えた変更を無しにする)。
    QUIT  logoutする。

     POPプロトコルの例
    % telnet localhost 110      ← localhostのpopサーバと通信してみる
    +OK Qpopper (version 4.0.3) at ec00.tsuda.ac.jp starting.  
    <I>USER nitta</I>   ← nittaとしてログイン
    +OK Password required for nitta.
    <I>PASS xxxxxxxx</I>  ← nittaのパスワードを送る(ここでは隠してあります)
    +OK nitta has 2 visible messages (0 hidden) in 641 octets.
    <I>STAT</I>       ← 受信メールの状態を見る
    +OK 2 641         ← 2通来ている
    <I>LIST</I>       ← メールの一覧を見る
    +OK 2 visible messages (641 octets)
    1 320
    2 321
    .                    ←リストの終り
    <I>RETR 1</I>       ← 1番目のメールを取り込む
    +OK 320 octets
    Received: (from root@localhost)   ←1番目のメールの始まり
    	by ec00.tsuda.ac.jp (8.11.0/3.7W) id f5DBK7g26655
    	for nitta; Wed, 13 Jun 2001 20:20:07 +0900
    Date: Wed, 13 Jun 2001 20:20:07 +0900
    From: root <root>
    Message-Id: <200106131120.f5DBK7g26655@ec00.tsuda.ac.jp>
    To: nitta
    Subject: test 1
    X-UIDL: J<4!!Z^H"!/8n!!i`X!!
    
    first test
    
    .                 ←メールの終り
    <I>DELE 1</I>     ←1番目のメールをサーバから削除する
    +OK Message 1 has been deleted.
    <I>STAT</I>        ←受信メールの状態を見る
    +OK 1 321
    <I>QUIT</I>       ← 通信を終了する
    Connection closed by foreign host.
    
    
    

    qpopper

    popサーバにもいろいろな…

    qpopper のバージョン2.51以前のものは全て、リモートユーザが root権限を乗っ…

    qpopper のホームページは http://www.eudora.com/qpopper/ ですが、 ネットワークの混雑を避けるため今回は http://nw.tsuda.ac.jp/pub/mail/qpopper/ 以下からダウンロード して下さい。

    自分で工夫をしてインストールして下さい。 以下の点には注意が必要かもしれません。

    qpopperのインストール後、 ネットスケープで pop サーバに localhost, MAILサーバに localhost を指定してメールの送…
  • 一般ユーザで login します。
  • X-Windows System の環境を起動します。
  • netscapeを起動します。
  • netscapeでメール環境を設定します。
        編集→設定
        →メールとグループ
    	:localhost
    		サーバの: ←自分のlogin名
    	送信メールサーバ : localhost
    	メッセージ送信の際に SSL or TLS を使う→可能な場合に
        →個人情報→電子メールアドレス
    	自分のlogin名@ホスト名
        →確認
    
  • Netscape Mailで メールを自分(ユーザ名@localhost)に送ってみましょう。
  • Netscape Mail でメールを…

    POP over SSL

    POP では、パスワードやメイルの内容が平文でそのまま ネットワークを流れますので、盗聴されて情報が漏れる 危険性があります。 この危険性を回避して安全に通信を行なうには、全ての 通信内容を暗号化します。 POPプロトコルを暗号化する方法としては 「通信部分に SSL (Secure Socket Layer) を使う (POP over SSL)」 という方法がよく…

    MicroSoft OutLookなどではメイル・クライアントが POP over SSLを サポートしています。したがって、その機能をONにするだけで安全になります。 Netscape Mail などでは POP over SSL がサポートされていません。 このような場合は stunnel などの別のソフトウェアの助けを…

    さて、POPサーバの方も SSL 対応させなくてはなりません。 このために使われているツールにはいろいろありますが、 ここでは stunnel を使ってみましょう。 stunnelの公式サイトは http://www.stunnel.org/ ですが、 RedHat7.0.1Jでは標準でインストールされています。

     rpm -q -l stunnel
    /usr/lib/stunnel.so
    /usr/sbin/stunnel
    /usr/share/doc/stunnel-3.8
    /usr/share/doc/stunnel-3.8/BUGS
    /usr/share/doc/stunnel-3.8/COPYING
    /usr/share/doc/stunnel-3.8/COPYRIGHT.GPL
    /usr/share/doc/stunnel-3.8/COPYRIGHT.SSLeay
    /usr/share/doc/stunnel-3.8/Certificate-Creation
    /usr/share/doc/stunnel-3.8/FAQ
    /usr/share/doc/stunnel-3.8/HISTORY
    /usr/share/doc/stunnel-3.8/INSTALL
    /usr/share/doc/stunnel-3.8/PORTS
    /usr/share/doc/stunnel-3.8/README
    /usr/share/doc/stunnel-3.8/TODO
    /usr/share/doc/stunnel-3.8/sfinger.xinetd
    /usr/share/doc/stunnel-3.8/stunnel.html
    /usr/share/doc/stunnel-3.8/transproxy.txt
    /usr/share/man/man8/stunnel.8.gz
    /usr/share/ssl/certs/stunnel.pem
    
    

    もし stunnel がインストールされていない場合は、 RPMファイルをダウンロードしてきてインストールします。

    
    # rpm -Uvh  stunnel-3.8-4.i386.rpm
    
    

    RPM で stunnel をインストールした場合は、SSLの「証明書(certificate)」 がまだ作成されていませんので、 root権限で作成しておきます。

    
    # cd /usr/share/ssl/certs
    # make stunnel.pem
    Country Name (2 letter code) [AU]:JP
    State or Province Name (full name) [Some-State]:Tokyo
    Locality Name (eg, city) []:Kodaira-shi
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:Tsuda College
    Organizational Unit Name (eg, section) []:Computer Science
    Common Name (eg, your name or your server's hostname) []:ec00.tsuda.ac.jp
    Email Address []:root@ec00.tsuda.ac.jp
    
    
    これで /usr/share/ssl/certs/stunnel.pem が作成されます。

    POP over SSL の通信は 995番ポート(pop3sというサービス名前です)を 通じて行なわれます。

     /etc/services
    pop3		110/tcp		pop-3		# POP version 3
    pop3		110/udp		pop-3
    ...
    pop3s		995/tcp				# POP-3 over SSL
    
    

    stunnel 経由で POPプロトコルを 使う方法は2…
  • pop3s ポートへの要求を stunnel が localhost 上の pop3 ポートへforwardしてしまう方法。
     サーバ上でstunnelを動かす
        stunnel -d pop3s -r localhost:pop3
    
    
    このような設定で安全性をさらに高めるためには、 pop3 ポートへのアクセスは localhost からのみ 可能に設定しておきます。
  • pop3s ポートへの要求を stunnel が直接 popサーバを起動する方法。
     サーバ上でstunnelを動かす
        stunnel -d pop3s -l /usr/local/sbin/popper
    
    
    このような設定で安全性をさらに高めるためには、 POP3ポートへのアクセスは完全に禁止にしておいた方がよいでしょう。 どちらの場合でも、上記のようにオプションを指定して stunnelを起動しておけば pop3s への要求は… サーバの起動方法には
    1. OS起動時にサーバを起動しておく。
    2. スーパーサーバ (inetd や xinetd など) 経由で起動する。
    という2…

    localhostのpop3ポートへforwardingする例を示します。

     /etc/xinetd.d/pop3s (xinetdの場合)
    # xinetd entry for the pop3s service (995/tcp in the /etc/services excerpt
    # on this page). Each incoming connection is handed to stunnel, which is
    # told to relay it to the pop3 port on localhost (-r localhost:pop3), so
    # the SSL layer ends here and the local hop is plaintext POP3.
    service pop3s
    {
            socket_type             = stream
            wait                    = no
            # NOTE(review): stunnel is started as root. Confirm whether the
            # certificate/key file created earlier on this page
            # (/usr/share/ssl/certs/stunnel.pem) can be read by a dedicated
            # low-privilege account so the wrapper need not run as root.
            user                    = root
            server                  = /usr/sbin/stunnel
            server_args             = -r localhost:pop3
            # USERID adds the remote user id obtained through an ident
            # (RFC 1413) lookup to the log line. The value is reported by the
            # client side, so treat it as a hint and not as authentication.
            log_on_success          += USERID
            log_on_failure          += USERID
    	disable			= no
    }
    
    
    
    この場合は、「pop3 ポートへのアクセスは localhost からのみ 可能なように」設定を変更しておきます。
     /etc/xinetd.d/pop3 (xinetdの場合)
    # xinetd entry for the plaintext pop3 service; connections are served by
    # /usr/local/sbin/popper running as root.
    service pop3
    {
    	socket_type	= stream
    	wait		= no
    	user		= root
    	server		= /usr/local/sbin/popper
    	# Accept clients from the loopback address only, so the unencrypted
    	# port is not reachable from the network and remote clients have to
    	# come in through the pop3s/stunnel entry. Local processes on this
    	# host can still connect in the clear.
    	# NOTE(review): the stunnel entry targets "localhost"; verify that the
    	# name resolves to 127.0.0.1 on this host, otherwise the relay would
    	# be rejected by this rule.
    	only_from	= 127.0.0.1
    }
    
    
    


    nitta@tsuda.ac.jp