friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzair_5.4.0.1/controlpopaccess.htm

77 lines
4.8 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Control Post Office Protocol access" />
<meta name="abstract" content="To ensure the security of your server, you should control Post Office Protocol (POP) access." />
<meta name="description" content="To ensure the security of your server, you should control Post Office Protocol (POP) access." />
<meta name="DC.Relation" scheme="URI" content="rzairplanseccontrol.htm" />
<meta name="DC.Relation" scheme="URI" content="rzairsmtppa.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="controlpopaccess" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Control Post Office Protocol access </title>
</head>
<body id="controlpopaccess"><a name="controlpopaccess"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Control Post Office Protocol access </h1>
<div><p>To ensure the security of your server, you should control Post
Office Protocol (POP) access.</p>
<p>If you want to allow POP clients to access your iSeries™ server, be aware of the following
security considerations:</p>
<ul><li>The POP mail server provides authentication for clients who attempt to
access their mailboxes. The client sends a user ID and password to the server. <div class="note"><span class="notetitle">Note:</span> The
password is sent in the clear and can be vulnerable.</div>
<div class="p">The POP mail
server verifies the user ID and password against the iSeries user profile and password for
that user. Because you do not have control over how the user ID and password
are stored on the POP client, you might want to create a special user profile
that has very limited authority on your iSeries server. To prevent anyone from
using the user profile for an interactive session, you can set the following
values in the user profile:<ul class="simple"><li>Set initial menu (INLMNU) to <samp class="codeph">*SIGNOFF</samp></li>
<li>Set initial program (INLPGM) to <samp class="codeph">*NONE</samp></li>
<li>Set limit capabilities (LMTCPB) to <samp class="codeph">*YES</samp></li>
</ul>
</div>
</li>
<li>To prevent a malicious intruder from flooding your server with unwanted
objects, be sure that you have set adequate threshold limits for your auxiliary
storage pools (ASPs). The ASP storage threshold prevents your server from
stopping because the operating system does not have sufficient working space.
You can display and set the thresholds for ASPs by using either system service
tools (SST) or dedicated service tools (DST). </li>
<li>Although you need to ensure that your ASP threshold prevents your server
from being flooded, you also need to ensure that your iSeries server has adequate space to
properly store and deliver mail. If your server cannot deliver mail because
the iSeries server
does not have adequate storage for transient mail, this is an integrity problem
for your users. When system storage use is high, mail stops running. <div class="note"><span class="notetitle">Note:</span> Typically
storage space is not a significant problem. When a client receives mail, the iSeries server
deletes the mail from the server.</div>
</li>
</ul>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzairplanseccontrol.htm" title="You should control who accesses your server through e-mail to protect your data from malicious attacks.">Control e-mail access</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzairsmtppa.htm" title="You can use simple steps to determine what is causing a problem with e-mail.">Determine problems with e-mail</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink