Technical data

ManualsBrandsCompaq ManualsComputer equipmentCompaq TCP/IP Services for OpenVMS

341

342

343

344

345

346

347

348

349

350

Conﬁguring and Managing the POP Server

18.1 Key Concepts

18.1.4 How the POP Server Handles Foreign Message Formats

POP contains minimal support for mail messages that contain foreign formats.

Such messages are usually binary and therefore are not transferred to the POP

client. Instead, the POP server transfers the message headers, along with a brief

message instructing the user to log in and extract the foreign message into a ﬁle.

Foreign messages are moved into your MAIL folder; they are never deleted by the

POP server.

18.1.5 How the POP Server Authorizes Users

Table 18–1 outlines the methods the POP server process uses to authorize user

access.

Table 18–1 POP User Authorization Methods

Method Description

Shared secret-password

string

Most secure POP server access method. Initiated by the client system

through the APOP command.

Allows a user to become authorized by the POP server without the need

to send a password over the network. Eliminates a potential path for

unauthorized users to obtain a password and break into the system.

POP requires a shared secret string from any user who wants to read mail

using the APOP authorization method. For information about creating

the shared secret string, see the DIGITAL TCP/IP Services for OpenVMS

User’s Guide.

User name and password Least secure POP server access method. Initiated by the client system

through the USER and PASS commands.

The POP server authorizes the client to access the desired mailbox based

on receipt of a valid user name and password.

1. The user conﬁgures a user name and password into the POP client

system. Each POP client has its own method of conﬁguring. Note that

the user name and password pair is the user name and password for

the TCP/IP Services system, not for the POP client system.

2. The POP client sends the user name and password pair to the server,

and the server conﬁrms the pair against that in the OpenVMS

SYSUAF ﬁle. Note that the password is sent unencrypted over

the TCP connection, which might cause security problems for some

environments. Upon authorization, the POP server allows access to

the user’s OpenVMS mailbox.

OpenVMS SYSUAF settings

on user accounts

Access to the POP server is not permitted if:

• Either the DISMAIL or DISUSER ﬂags are set for the account.

• The account has expired according to the SYSUAF expiration date.

• Access has been denied because of an incorrect user name and

password.

Ability to disable the USER

and PASS commands

Allows the system manager to use the APOP authorization method for

all POP clients, the more secure means of user authorization. When you

disable the USER and PASS commands (by deﬁning the logical name

TCPIP$POP_DISUSERPASS), the POP server responds to the commands

with a failure message.

Conﬁguring and Managing the POP Server 18–3