# wget http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz ... # gzip -cd checkpassword-0.90.tar.gz |tar -xf - # cd checkpassword-0.90 # make ... # make setup check ... # cd .. # wget http://www.openssl.org/source/openssl-0.9.7d.tar.gz ... # gzip -cd openssl-0.9.7d.tar.gz |tar -xf - # cd openssl-0.9.7d # ./config ... # make ... # make test ... # make install ... # cd /package # wget http://www.superscript.com/ucspi-ssl/ucspi-ssl-0.67.tar.gz ... # gzip -cd ucspi-ssl-0.67.tar.gz |tar -xf - # cd host/superscript.com/net/ucspi-ssl-0.76 # patch -p1 </path/to/ucspi-ssl-cc.patch ... # package/compile ... # package/rts ... # package/install ... # package/report ... # mkdir /usr/local/ssl/pem # mkdir /usr/local/ssl/private # openssl dhparam -check -text -5 1024 -out /usr/local/ssl/pem/dh1024.pem ... # openssl req -new -x509 -nodes -days 730 -newkey rsa:1024 -keyout /usr/local/ssl/private/pop3s.key -out /usr/local/ssl/certs/pop3s.cert ... # mkdir -p /var/qmail/supervise/qmail-pop3d/log # mkdir /var/log/qmail/pop3d # chown qmaill /var/log/qmail/pop3d # cat >/var/qmail/supervise/qmail-pop3d/run <<EOF ? #!/bin/sh ? CERTFILE="/usr/local/ssl/certs/pop3s.cert" ? KEYFILE="/usr/local/ssl/private/pop3s.key" ? DHFILE="/usr/local/ssl/pem/dh1024.pem" ? export CERTFILE KEYFILE DHFILE ? LOCAL="pop3s.example.com" ? exec /usr/local/bin/softlimit -m 2000000 /usr/local/bin/sslserver -v -R -l \ ? "\$LOCAL" 0 pop3s /var/qmail/bin/qmail-popup "\$LOCAL" /bin/checkpassword \ ? /var/qmail/bin/qmail-pop3d Maildir 2>&1 ? EOF # cat >/var/qmail/supervise/qmail-pop3d/log/run <<EOF ? #!/bin/sh ? exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/log/qmail/pop3d ? EOF # chmod 755 /var/qmail/supervise/qmail-pop3d/run # chmod 755 /var/qmail/supervise/qmail-pop3d/log/run # ln -s /var/qmail/supervise/qmail-pop3d /service # sslconnect pop3s.example.com 995 -a /usr/local/ssl/certs/pop3s.cert +OK <24015.1077736920@pop3s.example.com> user mary +OK pass jane +OK list +OK . quit +OK # |