[svlug] stunnel to gmail

Joe Brenner doom at kzsu.stanford.edu
Tue Sep 21 14:00:36 PDT 2010


I'm an mh user running ubuntu jaunty, and I want to get my local
email working over POP3/SMTP SSL connections to a gmail account.
So I'm trying to get mh (probably nmh, but gnu mailutils would be
okay) to talk over SSL using stunnel.

I've suceeded in using slypheed to get mail from gmail, so I know the
gmail account is working and is set-up for pop3 and so on.  When I
run inc, though, it just hangs on me and then reports "inc: no mail
to incorporate".

I can see that I've got stunnel running:
  ps ax | egrep stun | egrep -v egrep
  6534 ?        Ss     0:00 /usr/bin/stunnel4 /etc/stunnel/stunnel.conf

I'm looking for suggestions on what I might be doing wrong, and
hints on how to go about isolating the problems.

Here's a summary of the kind of configurations I've been trying:

/etc/nmh/mts.conf:

   # mts: sendmail
   mts: smtp

   hostable: /etc/nmh/hosts

   localname: smtp.gmail.com
   # localname: gmail.com

   masquerade:

   mmdfldir: /var/mail
   mmdflfil:

   pophost: pop.gmail.com
   # pophost: localhost

   # servers: localhost
   servers: smtp.gmail.com


/etc/default/stunnel4

  # Change to one to enable stunnel
  # ENABLED=0
  ENABLED=1
  FILES="/etc/stunnel/*.conf"
  OPTIONS=""

  PPP_RESTART=0


/etc/stunnel/stunnel.conf

  sslVersion = SSLv3

  chroot = /var/lib/stunnel4/
  setuid = stunnel4
  setgid = stunnel4
  pid = /stunnel4.pid

  socket = l:TCP_NODELAY=1
  socket = r:TCP_NODELAY=1

  debug = 7
  output = /var/log/stunnel4/stunnel.log

  client = yes

  [pop3s]
  accept = 127.0.0.1:1109
  connect = pop.gmail.com:995

  [imaps]
  accept  = 993
  connect = 143

  [smtps]
  accept = 127.0.0.1:259
  connect = smtp.gmail.com:465


/var/log/stunnel4/stunnel.log

2010.09.21 11:11:41 LOG7[6528:140533218399984]: Snagged 64 random bytes from /dev/urandom
2010.09.21 11:11:41 LOG7[6528:140533218399984]: RAND_status claims sufficient entropy for the PRNG
2010.09.21 11:11:41 LOG7[6528:140533218399984]: PRNG seeded successfully
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service pop3s
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service imaps
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service smtps
2010.09.21 11:11:41 LOG5[6528:140533218399984]: stunnel 4.22 on x86_64-pc-linux-gnu with OpenSSL 0.9.8g 19 Oct 2007
2010.09.21 11:11:41 LOG5[6528:140533218399984]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2010.09.21 11:11:41 LOG6[6528:140533218399984]: file ulimit = 1024 (can be changed with 'ulimit -n')
2010.09.21 11:11:41 LOG6[6528:140533218399984]: poll() used - no FD_SETSIZE limit for file descriptors
2010.09.21 11:11:41 LOG5[6528:140533218399984]: 500 clients allowed
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 10 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 11 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 12 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
2010.09.21 11:11:41 LOG7[6528:140533218399984]: pop3s bound to 127.0.0.1:1109
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 13 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
2010.09.21 11:11:41 LOG7[6528:140533218399984]: imaps bound to 0.0.0.0:993
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 14 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
2010.09.21 11:11:41 LOG7[6528:140533218399984]: smtps bound to 127.0.0.1:259
2010.09.21 11:11:41 LOG7[6534:140533218399984]: Created pid file /stunnel4.pid



/var/log/mail.log

Sep 21 13:40:32 fineline gnu-pop3d[15484]: Incoming connection opened
Sep 21 13:40:32 fineline gnu-pop3d[15484]: connect from 127.0.0.1
Sep 21 13:40:32 fineline gnu-pop3d[15484]: User `doomvox at gmail.com': nonexistent
Sep 21 13:40:32 fineline gnu-pop3d[15484]: Session ended for no user






More information about the svlug mailing list