Configure POP3 SECURE

A few updates

I wasn't able to get stunnel to work from xinetd but I didn't have any trouble getting it to work as a daemon. Here's my stunnel.conf file:

Code:
cert = /usr/local/etc/stunnel/stunnel.pem


; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /usr/local/var/stunnel/
setuid = nobody
;setgid = nogroup
setgid = nobody
; PID is created inside chroot jail
pid = /stunnel.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

; Workaround for Eudora bug
options = DONT_INSERT_EMPTY_FRAGMENTS

; Some debugging stuff useful for troubleshooting
debug = 3
output = /var/log/stunnel.log

; Service-level configuration

[pop3s]
accept  = 995
connect = 110

This was pretty simple to get working. You just need to configure your email client to use SSL when it checks for mail.

Oh, and don't forget to put this in a startup script so that it launches when you reboot the server! I put mine in /etc/rc.local as a quick fix. Maybe somebody has created an init script?

-dougl
 
You shouldn't need a script.
The port creates one for you: /usr/local/etc/rc.d/stunnel.sh

Just add:
stunnel_enable="YES"
to your rc.conf

(I hope it works for you, on my system the sh script seems to be wrong).
 
Back
Top