Configure POP3 SECURE

dougl

Verified User
Joined
May 21, 2005
Messages
8
A few updates

I wasn't able to get stunnel to work from xinetd but I didn't have any trouble getting it to work as a daemon. Here's my stunnel.conf file:

Code:
cert = /usr/local/etc/stunnel/stunnel.pem


; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /usr/local/var/stunnel/
setuid = nobody
;setgid = nogroup
setgid = nobody
; PID is created inside chroot jail
pid = /stunnel.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

; Workaround for Eudora bug
options = DONT_INSERT_EMPTY_FRAGMENTS

; Some debugging stuff useful for troubleshooting
debug = 3
output = /var/log/stunnel.log

; Service-level configuration

[pop3s]
accept  = 995
connect = 110
This was pretty simple to get working. You just need to configure your email client to use SSL when it checks for mail.

Oh, and don't forget to put this in a startup script so that it launches when you reboot the server! I put mine in /etc/rc.local as a quick fix. Maybe somebody has created an init script?

-dougl
 

interfasys

Verified User
Joined
Oct 31, 2003
Messages
2,099
Location
Switzerland
You shouldn't need a script.
The port creates one for you: /usr/local/etc/rc.d/stunnel.sh

Just add:
stunnel_enable="YES"
to your rc.conf

(I hope it works for you, on my system the sh script seems to be wrong).
 
Top