Description of problem: Many certificate authorities issue site certificates against an intermediate certificate, not a root one that most browsers/email clients use. pop3s currently discards any intermediate certificates appended to /usr/share/ssl/certs/ipop3d.pem The functionality sought is same in spirit as apache modssl's SSLCertificateChainFile How reproducible: Case in point: A certificate issued by starfield.com will be rejected by e.g. kmail and outlook express because the intermediate certificate needed to ensure authenticity of site certificate is not sent to the client. The real problem is that the SSLCertificateChainFile's functionality is missing... Since imap doesn't seem to use any configuration files, one could hard-code it to look for intermediate certificates in a file with a documented name. The /usr/share/ssl/certs/ipop3d.pem doesn't seem to be documented either :(
UW imap was deprecated as of FC1, imap solutions in fedora and RHEL are now Cyrus and Dovecot. I'm sorry but there is no continuing engineering work being performed by Red Hat on UW imap. You may if you wish address this issue directly with the upstream project which you can find here, http://www.washington.edu/imap
What's the pop3 solution, then? I don't need this for imap, just for pop3...
Both the cyrus-imap and dovecot rpm's provide pop3 along with imap, just like the imap package from UW did. Dovecot is smaller, easier to administer, and compatible with UNIX mbox format. Cyrus is a much more complex package and uses a non-standard mail store. I suspect for your purposes dovecot may be a better solution, cyrus however is more mature and more familar to admins.