From owner-freebsd-questions@FreeBSD.ORG Tue Jul 5 19:02:13 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1280116A41C for ; Tue, 5 Jul 2005 19:02:10 +0000 (GMT) (envelope-from matt@atopia.net) Received: from neptune.atopia.net (neptune.atopia.net [209.128.231.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id EDFBF44118 for ; Tue, 5 Jul 2005 18:57:34 +0000 (GMT) (envelope-from matt@atopia.net) Received: by neptune.atopia.net (Postfix, from userid 1001) id F02D36388; Tue, 5 Jul 2005 14:57:23 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by neptune.atopia.net (Postfix) with ESMTP id EE4DB637B for ; Tue, 5 Jul 2005 14:57:23 -0400 (EDT) Date: Tue, 5 Jul 2005 14:57:23 -0400 (EDT) From: Matt Juszczak To: freebsd-questions@freebsd.org Message-ID: <20050705145350.W37501@neptune.atopia.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: Remote access to a user's mail spool X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2005 19:02:13 -0000 Hi all, We're an ISP, and we are currently looking for a way for our tech support guys to access customer's email without having shell access to the server, or knowing the customer's password. We'd like to install a custom webmail client on our private internal LAN webserver that would only show the user's inbox and the ability to delete the messages (couldn't read messages, etc.). The problem is that we would have to know the user's password in order for my PHP script to go out and fetch the mail. Is there a way I can setup and/or patch one of the POP3 clients (of course I would firewall this and do an SSH tunnel with the pop3d running on localhost only on the mail server, so I would keep things secure) so that it could be given any random password and would authenticate? Or is this some kind of patch I would need to write? Maybe a better option would be to write a custom client/server interface via ssh to interact with the mail spool (possibly calling "mail" over ssh remotely, with public/private key authentication and sudo access to mail for the remote account).... Any ideas? Thanks, Matt PS: I can admit that I originally posted this to the dovecot mailing list, but am now seeing it might be a system-related issue vs. a pop3 daemon issue.