===================================================
RH Fedora Core 1: IMAPD Installation and Configure With & Without SSL Support
===================================================

In attempting to get IMAP going on a new FC1 server, I was receiving this error
message in /var/log/messages:

Feb 19 10:18:13 HOS-TIP-ADD-RES imapd[23071]: \

 Login disabled user=validuser auth=validuser host=[HOS.TIP.ADD.RES]

After researching, it was clear I was missing an SSL cert. I built the SSL certs
for my server/domains, and the error message changed to:

Feb 19 10:58:38 HOS-TIP-ADD-RES imapd[27194]: \

 Login failed user=validuser auth=validuser host=my.dialup.addr [DIA.LUP.IPA.DDR]

This was an indication that I needed to include an entry for the IMAP service in
my PAM authentication configuration, required for FC1 and later. That did it.

So here is my sequence, after getting the source from the University of Washington's
IMAP website: ftp://ftp.cac.washington.edu/mail/imap.tar.Z

> Go to download directory, unpack source, enter source dir

# cd /usr/src

# tar -xzf imap.tar.Z

# cd /usr/src/imap-2004c1

> Make a new dir for the non-SSL build, and copy raw source to it

# mkdir /usr/src/imap-2004c1-nossl

# cp -R * /usr/src/imap-2004c1-nossl/

> From orig dir, make for Linux Red Hat with SSL support (default)

# make lrh

> Copy the resulting executable to a 'normal' directory
> Note the appended 's' designation on the final executable

# cp imapd/imapd /etc/rc.d/init.d/imapds

> Go to the non-SSL source dir and make without SSL support

# cd ../imap-2004c1-nossl

# make lrh SSLTYPE=none

> Copy the resulting executable to a 'normal' directory

# cp imapd/imapd /etc/rc.d/init.d/imapd

> Create the xinetd startup file for imapds

# vi /etc/xinetd.d/imaps

> Contains:

#

# imaps - SSL-encrypted IMAP mail daemon

#

service imaps

{

 socket_type = stream

 protocol = tcp

 wait  = no

 user  = root

 server  = /etc/rc.d/init.d/imapds

 server_args = -s

 flags  = IPv4

 disable  = no

}

> Create the xinetd startup file for imapd

# vi /etc/xinetd.d/imap

> Contains:

#

# imap - Plaintext IMAP mail daemon

#

service imap

{

 socket_type = stream

 wait  = no

 user  = root

 server  = /etc/rc.d/init.d/imapd

 log_on_success += HOST DURATION

 log_on_failure += HOST

 disable  = no

}

> Go to SSL certificates dir and build new certs for default and domain(s)

# cd /usr/share/ssl/certs

# openssl req -new -x509 -nodes -out \

 imapd.pem -keyout imapd.pem -days 365

# openssl req -new -x509 -nodes -out \

 imapd-mydomain1.com.pem -keyout imapd-mydomain.com.pem -days 365

# openssl req -new -x509 -nodes -out \

 imapd-mail.mydomain1.com.pem -keyout imapd-mail.mydomain.com.pem -days 365

> The result in the certs dir:

# ls -la

-rw-r--r-- 1 root root 249373 Mar 17 2004 ca-bundle.crt

-rw------- 1 root root 1464 Jun 3 2004 dovecot.pem

-rw-r--r-- 1 root root 2193 Feb 19 11:16 imapd-mail.mydomain.com.pem

-rw-r--r-- 1 root root 2197 Feb 19 11:14 imapd-mydomain.com.pem

-rw-r--r-- 1 root root 2193 Feb 19 11:12 imapd.pem

-rw-r--r-- 1 root root 610 Mar 17 2004 make-dummy-cert

-rw-r--r-- 1 root root 1832 Mar 17 2004 Makefile

> Create an entry for imapd in PAM authentication dir

# vi /etc/pam.d/imap

> Contains:

auth required pam_pwdb.so shadow nullok

account required pam_pwdb.so

password required pam_pwdb.so shadow nullok use_authtok

session required pam_pwdb.so

> Restart xinetd

# xinetd reload

> Done.

===================================================
I found notes from David K. Rider's website [davidkrider.com] (for SuSE v8.2) to be very useful.
===================================================