SSL and TLS will be supported in IMAP 2000 (due to be released during production of this book), but they are not supported in earlier versions. The University of Washington has an SSL patch kit for the UW IMAP server, which adds SSL and TLS server support to POP and IMAP. Unfortunately, UW cannot make it available even with the recently relaxed U.S. government export restrictions, because of lingering governmental restrictions with regard to which countries still may not receive encryption technology from the U.S., and certain peripheral issues, such as the distribution of crypto-binaries.

As an alternative approach using freely available open source software, IMAP can be tunneled through SSL or SSH using the techniques discussed in Appendix B, Adding SSL Support to IMAP .

As we mentioned before, in addition to /tmp permissions needing to be set to 1777 (drwxrwxrwt), all lock files created in /tmp by IMAPD must have the permissions of 0666 (-rw-rw-rw-). Yes, that does open up the possibility of malicious or accidental denial of service by changing or removing the lock files, but any permissions other than 0666 will keep shared mailboxes from working. On this issue, you have two choices. One, to go on living with the problem and knowing that it may be fairly easy to track down lock file vandals. Two, to use this ...