On Tue, 13 Aug 2002, Rick Byers wrote:

> On Tue, 13 Aug 2002, Frederick Bruckman wrote:
>
> > It's my understanding that netscape and others would still be able to
> > use unencrypted password authentication (as long as you don't set
> > IMAP_UW_NOCLEARTEXT to "YES"). Whatever clients are currently working
> > without TLS/SSL in the server should work the same with it in.
>
> I tried with Netscape, and Netscape gave me a warning about the server
> having an invalid certificate.  If SSL is supported by the server,
> Netscape will use STARTTLS.  Sure it will still work, but I don't want my
> customers to have to change any settings or accept any new warnings -
> otherwise we'll get hundreads of phone calls over the following weeks
> (seriously).  I think this is why the imap-uw SSLBUILD file says
> specifically to only enable SSL if you actually plan on installing valid
> certificates.

I see. Does this work for you?

Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/mail/imap-uw/Makefile,v
retrieving revision 1.42
diff -u -r1.42 Makefile
--- Makefile	2002/07/28 05:38:46	1.42
+++ Makefile	2002/08/14 01:08:58
@@ -61,7 +61,7 @@
 ALL_TARGET+=	EXTRALDFLAGS="${LDFLAGS}"
 .if defined(IMAP_UW_NO_CLEARTEXT) && ${IMAP_UW_NO_CLEARTEXT} == "YES"
 ALL_TARGET+=	SSLTYPE="nopwd"
-.else
+.elif !defined(IMAP_UW_NO_SSL) || ${IMAP_UW_NO_SSL} != "YES"
 ALL_TARGET+=	SPECIALAUTHENTICATORS="ssl"
 ALL_TARGET+=	SSLTYPE="unix"
 .endif
@@ -116,5 +116,7 @@
 	${CHOWN} -R ${SHAREOWN}:${SHAREGRP} ${DOC_DIR}
 	${CHMOD} -R a=rX ${DOC_DIR}

+.if !defined(IMAP_UW_NO_SSL) || ${IMAP_UW_NO_SSL} != "YES"
 .include "../../security/openssl/buildlink.mk"
+.endif
 .include "../../mk/bsd.pkg.mk"

Frederick