casa-mp-base

IMAP-UW Darwin/Mac OS X 10.3 README

Author: Robert Shaw <rshaw@opendarwin.org>

​

Tested with IMAP-UW version 2004 and version 2004a.DEV.SNAP-0405261606 (variant

+devel) on Mac OS X 10.3.4.

​

Built and installed using:

  sudo port install imap-uw +ssl_pam +subdir

OR

  sudo port install imap-uw +ssl_pam +subdir +devel

​

This file outlines the set of steps needed to enable use of IMAP-UW with

SSL using PAM on a Mac OS X (or Darwin) 10.3 system. Most of the

information provided here was gathered from the following web pages:

​

  http://www.theatrain.net/pantherimaps.html

  http://www.macosxhints.com/article.php?story=20031023144031331

  http://www.macosxhints.com/article.php?story=20031202115248100

  http://docs.info.apple.com/article.html?artnum=25593

​

First, we need to enable PAM support for IMAP by creating the

appropriate IMAP PAM setup file:

​

  sudo cp /opt/local/share/doc/imap-uw/etc-pam.d-imap /etc/pam.d/imap

​

NOTE: POP can be similarly enabled. See above web links for further

details if desired.

​

Next, we need to enable XINETD to handle incoming IMAP or IMAPS requests

by creating the appropriate XINETD setup files:

​

  sudo cp /opt/local/share/doc/imap-uw/etc-xinetd.d-imap  /etc/xinetd.d/imap

  sudo cp /opt/local/share/doc/imap-uw/etc-xinetd.d-imaps /etc/xinetd.d/imaps

​

Now, we need to tell XINETD to re-read the available services by sending

it a HUP signal:

​

  sudo kill -HUP `cat /var/run/xinetd.pid`

​

To enable SSL authentication to the IMAP-UW server, we need to also

create a SSL certificate:

​

  cd /System/Library/OpenSSL/certs

  sudo openssl req -new -x509 -nodes -out imapd.pem -keyout imapd.pem -days 3650

​

NOTE: It is IMPORTANT that you use your server's hostname (e.g. the same

name you enter in the "Incoming Mail Server" field of Mail.app) for the

"Common Name" prompt when creating this certificate. Otherwise, the next

step won't work right, and Mail.app will always ask you to confirm

acceptance of this certificate everytime you login to the IMAP-UW

server.

​

Finally, to prevent Mail.app from continually asking about your

self-signed certificate everytime you connect to the server, you can do

the following to load the certificate into your keychain:

​

  1. Click "Show certificate" when Mail asks if you want to accept the

  certificate.

​

  2. Press the Option key while dragging the certificate to the desktop.

  The certificate's icon appears on the desktop.

​

  3. Add the certificate to your keychain by dragging its icon on top of