[svlug] stunnel to gmail

Daniel Pittman daniel at rimspace.net
Mon Sep 27 18:06:44 PDT 2010

Joe Brenner <doom at kzsu.stanford.edu> writes:

> Yes, I'm beginning to lean toward a fetchmail solution.  At the very least
> it's better documented, with lots of tutorials out there like so:
>   http://souptonuts.sourceforge.net/postfix_tutorial.html
> I'm a little unclear on stunnel concepts (like, does it magically make an
> encrypted port on another machine act like a local port, or do you point
> your mail agent at the remote machine, and let stunnel magically add
> encryption to the process?), and there's been a resounding silence
> everywhere I've asked my question thus far.

Oh.  I am vaguely surprised at the silence, but: stunnel is a TCP level
tunnel.  You connect to it, and it then makes a TLS/SSL connection to whatever
target it was told to talk to.

So, no magic: for using it to secure the client side you would tell it to
listen to a local port, and to connect to a remote port, then configure your
non-TLS software to talk to the local port.

To answer the question more generally and for the future: unless it is built
in to the kernel *nothing* can manipulate your network connections.

(Note: iptables is built in to the kernel, and can be convinced to redirect
 connection attempts to a remote target to a local service, so you could
 theoretically use that it implement this with stunnel, but just don't. :)

Anyway, using fetchmail, an LDA, and something like msmtp is probably the
least-worst way to get your mail from Gmail to MH and all.

✣ Daniel Pittman            ✉ daniel at rimspace.net            ☎ +61 401 155 707
               ♽ made with 100 percent post-consumer electrons

More information about the svlug mailing list