# How to run ssl with sendmail 8.14.4 and uw-imap-2007e SOLVED

## Moriah

The title says it all.  I have been running sendmail and imap on my lan for years, but my sendmail and imap are not usable from the internet except to send mail out.  I now have roving laptops to support, and the users (including myself!) are complaining about having to use the squirrelmail web client for email, so I guess its time to set up sendmail and imap with ssl so they can use their favorite mailers.

The versions I am running are:

```

*  mail-mta/sendmail

      Latest version available: 8.14.4

      Latest version installed: 8.14.4

      Size of files: 2,031 kB

      Homepage:      http://www.sendmail.org/

      Description:   Widely-used Mail Transport Agent (MTA)

      License:       Sendmail

*  net-mail/uw-imap

      Latest version available: 2007e

      Latest version installed: 2007e

      Size of files: 2,724 kB

      Homepage:      http://www.washington.edu/imap/

      Description:   UW server daemons for IMAP and POP network mail protocols.

      License:       Apache-2.0

```

I assume this is not a big deal.  I already have a self-signed certificate installed for the web server and subversion repository to use via apache, so I assume I can use the same certificate for sendmail and imap as well -- after all, its the same openssl using the certificate.

Thanks for you help!    :Very Happy: 

----------

## audiodef

I don't know if this will be useful to you, but cach0rr0 just helped me configure my mail server and while he was at it, wrote a very nice guide. You're already doing things one way, and his guide is for another way, but nevertheless, I thought I'd point out the thread to you and you can glean from it what you will.   :Cool: 

https://forums.gentoo.org/viewtopic-t-872027-highlight-.html

----------

## Moriah

I'm sure that howto will help a lot of people, but, as you suspected, it does not really help me, since all I want to do is add ssl support to an existing mail setup.

I pm-ed cach0rr0 and asked him to take a look at this thread...

----------

## Moriah

Well. I now have to set up mail on a new server, so I am going to try the cach0rr0 guide.  If it really works well, I will likely back-migrate it to my old server as well, as I like to keep things fairly uniform to minimize what all I have to support.

----------

## audiodef

The cach0rr0 guide is awesome. He wrote it while I set it up as his guinea pig. 

I have to mirror it on my site, when I get around to it.

----------

## Moriah

Pappy and I along with others did a similar thing January and Fbruary of 2010 when I was setting up my laptop.  I created a thread for it.  The setup is based on Pappy's Seeds, and puts 64 bit kernel on my Lenovo w500 laptop with 8 GB RAM and 250 GB SSD using a fully encrypted disk and booting from a usb stick with LUKS passphrase 2 factor authentication running the decrypted disk under lvm with no partitions, only a physical volume, a volume group, and logical volumes.  The thread is at:

https://forums.gentoo.org/viewtopic-t-809431-highlight-laptop+seeds.html?sid=47a196c6eec671aeb6043d14b3f398a4

----------

## audiodef

The NSA can never get your files now.   :Shocked: 

----------

## Moriah

Not totally true, but perhaps if they are really motivated, it would still take them a month or so.    :Shocked: 

My concern is the privacy of my client's proprietary information and my obligation to keep it private.  Laptops are more likely to be lost or stolen than most other computers.    :Cool: 

----------

## audiodef

I once read a post somewhere in which someone said everyone should encrypt all of their email, so that the NSA's servers can go crazy, only to find grandma's secret cookie recipe. 

I agree!   :Laughing: 

----------

## Moriah

Well see?  That's absolutely correct, because it was a *SECRET* cookie recipe!    :Wink: 

----------

## Moriah

Well, I've got the sendmail part working with ssl/tls now, but I'm still having trouble getting uw-imap to behave the way I want.  I still have to send username and password in the clear to the imap server to fetch mail down to the client.  I think the problem might be certificate related, but I'm not really sure.  Furthermore, I am having trouble re-emerging uw-imap, which needs to be done to change the USE flags.  It seems it is failing during the configure stage because it cannot apply a patch file.  I am opening up another thread on this issue, and I will post a link to it with an edit to this post shortly.

EDIT:

Here's the link:

https://forums.gentoo.org/viewtopic-t-880221-highlight-.html?sid=76fefef72852fa1027b74850b11f20ad

----------

## audiodef

Moriah, have you ever run into being told by a webmail client that you're over quota despite your conf files saying you shouldn't be, given the size of the messages in your inbox on the server?

(I hope that made sense.   :Laughing:  )

----------

## Moriah

I have over 200 GB availabe on my mail server, so I don't bother with quotas.    :Twisted Evil: 

----------

## Moriah

I forgot to update this thread, but everything is working fine with thunderbird running on an outside-my-network ip address.  The imap server is doing ssl/tls with sendmail doing ssl/tls and sasl authentication.    :Cool: 

----------

