CONFIGURING SSL on COURIER IMAP AND POP3D
-----------------------------------------

1. Make the certificate configuration file

    # cd /usr/local/etc/courier-imap/

    # cp imapd.cnf.dist imapd.cnf
    # ln -s imapd.cnf pop3d.cnf

    * Now edit the file imapd.cnf, and replace the values for:

    C=
    ST
    L
    O
    OU
    CN
    emailAddress

    ... for example:

    C=BT
    ST=none
    L=Paro
    O=Courier Mail Server
    OU=Auto generated SSL
    CN=wsXX.ws3.conference.sanog.org
    emailAddress=postmaster@YOURDOMAIN.ws3.conference.sanog.org

    * Save the file

2. Now, let's make the certificate:

    # cd /usr/local/share/courier-imap
    # ./mkimapdcert
    ...
    # ./mkpop3dcert

    * Create a directory for the SSL cache:

    # mkdir /usr/local/var/

5. Let's do mutt with SSL!

    * Edit /home/sanog/.muttrc, and REMOVE the line:

    set starttls = no

    * Run mutt again

    mutt -f imap://sanog@wsXX

    You should see something like:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - 
This certificate belongs to:
   noc.ws3.conference.sanog.org
   Unknown
   Courier Mail Server
   Automatically-generated SSL key
   Paro

This certificate was issued by:
   noc.ws3.conference.sanog.org
   Unknown
   Courier Mail Server
   Automatically-generated SSL key
   Paro

This certificate is valid
   from Jul 17 09:42:17 2010 GMT
     to Jul 17 09:42:17 2011 GMT

Fingerprint: 4FFC 1817 5901 84A0 4150 BA31 09DC 59B3

-- Mutt: SSL Certificate check
(r)eject, accept (o)nce
- - - - - - - - - - - - - - - - - - - - - - - - - - - - 

6. Repeat the exercise with tcpdump from Lab 3

    * Can you see the contents of the mail traffic now ?