Eudora-Mac-Cannot communicate with Kerberos

[Ken Hornstein]

>Ken, I've been using Mac Eudora with K5 fine almost always.  I have a few
>machines that have the problem I indicated to the list.  I had heard that
>Jaguar mail had Kerberos.  Unfortunately, our popper does not support the
>GSSAPI style (whatever that means), only KCLIENT.  Mulberry also uses GSSAPI.
>Is it difficult to convert to this style on our pop server?  Can we do both
>in the same server?

The quick answer is "it depends".  In terms of a protocol standpoint,
KCLIENT is considered a dead-end, and newer code and applications are
encouraged to use SASL/GSSAPI.  So that's why newer programs are starting
to support GSSAPI (FWIW, the Jaguar Mail client also claims to support 
KPOP, but the one person I know who tried it told me it didn't work;
I didn't personally test it myself, I only tested the GSSAPI support).

Some POP servers already do it (like Cyrus).  We use qpopper here, and
I have patches to it that let it use the Cyrus-SASL library, which
includes a GSSAPI mechanism, and that's what I tested the Jaguar
Mail.app and Mulberry against (both which worked fine).  The Qpopper
guys were nice enough to give me access to their development tree, and
the next release of qpopper should have cyrus-sasl support in it, if I
get off my duff and finish polishing it up.

You can implement KPOP and GSSAPI at the same time, using the same binary,
even; we do that with qpopper.  Not knowing your POP server, I can't
say if you can do both or not at the same time.  If you're using some
other open-source POP server, you can always add SASL support, but it's
a bit of work (but not too bad if you steal someone else's code :-) ).
If you're using a commercial one, you're going to have to bug your vendor.
But there are no protocol problems that prevent it from being done.

--Ken