[svlug] stunnel to gmail

Joe Brenner doom at kzsu.stanford.edu
Mon Sep 27 16:01:51 PDT 2010


Yes, I'm beginning to lean toward a fetchmail solution.
At the very least it's better documented, with lots of
tutorials out there like so:

  http://souptonuts.sourceforge.net/postfix_tutorial.html

I'm a little unclear on stunnel concepts (like, does it magically
make an encrypted port on another machine act like a local port,
or do you point your mail agent at the remote machine, and let
stunnel magically add encryption to the process?), and there's
been a resounding silence everywhere I've asked my question
thus far.


Romain Kang <romain at kzsu.stanford.edu> wrote:

> Hi Joe,
>
> I don't know MH/NMH, but could it work to use fetchmail to pull
> down messages via IMAP/S or POP3/S, then feed them to slocal?
>
> Romain
>
> Joe Brenner wrote:
> >
> > I'm an mh user running ubuntu jaunty, and I want to get my local
> > email working over POP3/SMTP SSL connections to a gmail account.
> > So I'm trying to get mh (probably nmh, but gnu mailutils would be
> > okay) to talk over SSL using stunnel.
> >
> > I've suceeded in using slypheed to get mail from gmail, so I know the
> > gmail account is working and is set-up for pop3 and so on.  When I
> > run inc, though, it just hangs on me and then reports "inc: no mail
> > to incorporate".
> >
> > I can see that I've got stunnel running:
> >   ps ax | egrep stun | egrep -v egrep
> >   6534 ?        Ss     0:00 /usr/bin/stunnel4 /etc/stunnel/stunnel.conf
> >
> > I'm looking for suggestions on what I might be doing wrong, and
> > hints on how to go about isolating the problems.
> >
> > Here's a summary of the kind of configurations I've been trying:
> >
> > /etc/nmh/mts.conf:
> >
> >    # mts: sendmail
> >    mts: smtp
> >
> >    hostable: /etc/nmh/hosts
> >
> >    localname: smtp.gmail.com
> >    # localname: gmail.com
> >
> >    masquerade:
> >
> >    mmdfldir: /var/mail
> >    mmdflfil:
> >
> >    pophost: pop.gmail.com
> >    # pophost: localhost
> >
> >    # servers: localhost
> >    servers: smtp.gmail.com
> >
> >
> > /etc/default/stunnel4
> >
> >   # Change to one to enable stunnel
> >   # ENABLED=0
> >   ENABLED=1
> >   FILES="/etc/stunnel/*.conf"
> >   OPTIONS=""
> >
> >   PPP_RESTART=0
> >
> >
> > /etc/stunnel/stunnel.conf
> >
> >   sslVersion = SSLv3
> >
> >   chroot = /var/lib/stunnel4/
> >   setuid = stunnel4
> >   setgid = stunnel4
> >   pid = /stunnel4.pid
> >
> >   socket = l:TCP_NODELAY=1
> >   socket = r:TCP_NODELAY=1
> >
> >   debug = 7
> >   output = /var/log/stunnel4/stunnel.log
> >
> >   client = yes
> >
> >   [pop3s]
> >   accept = 127.0.0.1:1109
> >   connect = pop.gmail.com:995
> >
> >   [imaps]
> >   accept  = 993
> >   connect = 143
> >
> >   [smtps]
> >   accept = 127.0.0.1:259
> >   connect = smtp.gmail.com:465
> >
> >
> > /var/log/stunnel4/stunnel.log
> >
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: Snagged 64 random bytes from /dev/urandom
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: RAND_status claims sufficient entropy for the PRNG
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: PRNG seeded successfully
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service pop3s
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service imaps
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service smtps
> > 2010.09.21 11:11:41 LOG5[6528:140533218399984]: stunnel 4.22 on x86_64-pc-linux-gnu with OpenSSL 0.9.8g 19 Oct 2007
> > 2010.09.21 11:11:41 LOG5[6528:140533218399984]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
> > 2010.09.21 11:11:41 LOG6[6528:140533218399984]: file ulimit = 1024 (can be changed with 'ulimit -n')
> > 2010.09.21 11:11:41 LOG6[6528:140533218399984]: poll() used - no FD_SETSIZE limit for file descriptors
> > 2010.09.21 11:11:41 LOG5[6528:140533218399984]: 500 clients allowed
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 10 in non-blocking mode
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 11 in non-blocking mode
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 12 in non-blocking mode
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: pop3s bound to 127.0.0.1:1109
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 13 in non-blocking mode
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: imaps bound to 0.0.0.0:993
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 14 in non-blocking mode
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
> > 2010.09.21 11:11:41 LOG7[6528:140533218399984]: smtps bound to 127.0.0.1:259
> > 2010.09.21 11:11:41 LOG7[6534:140533218399984]: Created pid file /stunnel4.pid
> >
> >
> >
> > /var/log/mail.log
> >
> > Sep 21 13:40:32 fineline gnu-pop3d[15484]: Incoming connection opened
> > Sep 21 13:40:32 fineline gnu-pop3d[15484]: connect from 127.0.0.1
> > Sep 21 13:40:32 fineline gnu-pop3d[15484]: User `doomvox at gmail.com': nonexistent
> > Sep 21 13:40:32 fineline gnu-pop3d[15484]: Session ended for no user
> >
> >
> >
> > _______________________________________________
> > svlug mailing list
> > svlug at lists.svlug.org
> > http://lists.svlug.org/lists/listinfo/svlug




More information about the svlug mailing list