IMAP-UW Darwin/Mac OS X 10.3 README Author: Robert Shaw Tested with IMAP-UW version 2004 and version 2004a.DEV.SNAP-0405261606 (variant +devel) on Mac OS X 10.3.4. Built and installed using: sudo port install imap-uw +ssl_pam +subdir OR sudo port install imap-uw +ssl_pam +subdir +devel This file outlines the set of steps needed to enable use of IMAP-UW with SSL using PAM on a Mac OS X (or Darwin) 10.3 system. Most of the information provided here was gathered from the following web pages: http://www.theatrain.net/pantherimaps.html http://www.macosxhints.com/article.php?story=20031023144031331 http://www.macosxhints.com/article.php?story=20031202115248100 http://docs.info.apple.com/article.html?artnum=25593 First, we need to enable PAM support for IMAP by creating the appropriate IMAP PAM setup file: sudo cp /opt/local/share/doc/imap-uw/etc-pam.d-imap /etc/pam.d/imap NOTE: POP can be similarly enabled. See above web links for further details if desired. Next, we need to enable XINETD to handle incoming IMAP or IMAPS requests by creating the appropriate XINETD setup files: sudo cp /opt/local/share/doc/imap-uw/etc-xinetd.d-imap /etc/xinetd.d/imap sudo cp /opt/local/share/doc/imap-uw/etc-xinetd.d-imaps /etc/xinetd.d/imaps Now, we need to tell XINETD to re-read the available services by sending it a HUP signal: sudo kill -HUP `cat /var/run/xinetd.pid` To enable SSL authentication to the IMAP-UW server, we need to also create a SSL certificate: cd /System/Library/OpenSSL/certs sudo openssl req -new -x509 -nodes -out imapd.pem -keyout imapd.pem -days 3650 NOTE: It is IMPORTANT that you use your server's hostname (e.g. the same name you enter in the "Incoming Mail Server" field of Mail.app) for the "Common Name" prompt when creating this certificate. Otherwise, the next step won't work right, and Mail.app will always ask you to confirm acceptance of this certificate everytime you login to the IMAP-UW server. Finally, to prevent Mail.app from continually asking about your self-signed certificate everytime you connect to the server, you can do the following to load the certificate into your keychain: 1. Click "Show certificate" when Mail asks if you want to accept the certificate. 2. Press the Option key while dragging the certificate to the desktop. The certificate's icon appears on the desktop. 3. Add the certificate to your keychain by dragging its icon on top of Keychain Access. Note: Keychain Access is located in the Utilities folder (/Applications/Utilities). 4. When Keychain Access opens, you may be prompted to select a certificate type. If this happens, choose X509 Anchors. NOTE: This "import" of the certificate will need to be done on each client that you use to access the IMAP-UW server.