<HTML><BODY style="word-wrap: break-word; -khtml-nbsp-mode: space; -khtml-line-break: after-white-space; ">Thanks Gonz. That seems to be all that was needed.<DIV><BR class="khtml-block-placeholder"></DIV><DIV>- Van</DIV><DIV><BR><DIV><DIV>On Jun 21, 2007, at 12:53 PM, Gonzalo Diethelm wrote:</DIV><BR class="Apple-interchange-newline"><BLOCKQUOTE type="cite"> I did a simple search on Google for "stunnel Wrong permissions on" and followed the very first link:<BR> <BR> <BLOCKQUOTE> <A href="http://ipucu.enderunix.org/view.php?id=973&lang=en">http://ipucu.enderunix.org/view.php?id=973&lang=en</A><BR> <BR> <B><TT>"Wrong permissions on /usr/local/etc/stunnel/stunnel.pem"</TT></B><TT> </TT><TT><B><I>- �smail Yenig�</I></B></TT><TT><B><I>l -</I></B></TT><TT><I> (2006-03-07 19:12:40)��</I></TT><TT> </TT><TT><B>[1934]</B></TT><TT> </TT><BR> <BR> <TT>if you get this error message issue the following command to fix the permission. </TT><BR> <BR> <TT># chmod 600 /usr/local/etc/stunnel/stunnel.pem</TT><BR> </BLOCKQUOTE> <BR> HTH. Regards.<BR> <BR> On Thu, 2007-06-21 at 12:23 -0400, Van wrote: <BLOCKQUOTE type="CITE"> <PRE><FONT color="#000000">Getting closer. I now get-</FONT>
<FONT color="#000000">[van@mailserver ]$ sudo stunnel /usr/local/etc/stunnel/stunnel.conf </FONT>
<FONT color="#000000">localhost:ipop3</FONT>
<FONT color="#000000">2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ </FONT>
<FONT color="#000000">local/etc/stunnel/mail.pem</FONT>
<FONT color="#000000">2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ </FONT>
<FONT color="#000000">local/etc/stunnel/mail.pem</FONT>
<FONT color="#000000">2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ </FONT>
<FONT color="#000000">local/etc/stunnel/mail.pem</FONT>
<FONT color="#000000">But that doesn't make sense to me. mail.pem permissions are the same </FONT>
<FONT color="#000000">as my cert's and it works fine.</FONT>
<FONT color="#000000">[van@mailserver change_passwd]$ ls -al /usr/local/etc/stunnel/mail.pem</FONT>
<FONT color="#000000">-rw-r--r-- 1 root root 2942 Jun 20 18:21 /usr/local/etc/stunnel/ </FONT>
<FONT color="#000000">mail.pem</FONT>
<FONT color="#000000">[van@mailserver change_passwd]$ ls -al /etc/httpd/certs/<A href="http://www.crt">www.crt</A></FONT>
<FONT color="#000000">-rw-r--r-- 1 root root 1074 Jun 1 12:30 /etc/httpd/certs/<A href="http://www.crt">www.crt</A></FONT>
<FONT color="#000000">Is the error misleading? Or what should the mail.pem perms be?</FONT>
<FONT color="#000000">Van</FONT>
<FONT color="#000000">On Jun 20, 2007, at 9:33 PM, Kevin Cook wrote:</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> If you are using a stunnel.conf file, I would replace the '-d pop3s </FONT>
<FONT color="#000000">> -r'</FONT>
<FONT color="#000000">> with the absolute path to the .conf file:</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> sudo /usr/local/sbin/stunnel /usr/local/etc/stunnel/stunnel.conf</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> I believe command line options were typically used more in older</FONT>
<FONT color="#000000">> versions, but now all configuration is done in the configuration file.</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> Kevin</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> -----Original Message-----</FONT>
<FONT color="#000000">> From: Van [mailto:<A href="mailto:vanyel@medusa.bioc.aecom.yu.edu">vanyel@medusa.bioc.aecom.yu.edu</A>]</FONT>
<FONT color="#000000">> Sent: Wednesday, June 20, 2007 6:03 PM</FONT>
<FONT color="#000000">> To: <A href="mailto:stunnel-users@mirt.net">stunnel-users@mirt.net</A></FONT>
<FONT color="#000000">> Subject: [stunnel-users] Trying to get stunnel to work for forwarding</FONT>
<FONT color="#000000">> pop3sto ipop3 port</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> Hello,</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> This is my introduction to stunnel. I've inherited control of a </FONT>
<FONT color="#000000">> pop3 and</FONT>
<FONT color="#000000">> imap server running Red Hat Linux 4 that I want to access via pop3s </FONT>
<FONT color="#000000">> and</FONT>
<FONT color="#000000">> imaps. I'm starting out with securing the pop3 since most users are</FONT>
<FONT color="#000000">> using it.</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> I downloaded stunnel 4.20 and compiled it according to the </FONT>
<FONT color="#000000">> instructions</FONT>
<FONT color="#000000">> on stunnel.org.</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> I read the certificates section of the site and made a new .pem file</FONT>
<FONT color="#000000">> that I named mail.pem and have in the /usr/local/etc/stunnel/ </FONT>
<FONT color="#000000">> directory</FONT>
<FONT color="#000000">> that /usr/local/etc/stunnel/stunnel.conf asks for. But when I try to</FONT>
<FONT color="#000000">> run stunnel like in the Examples section I get :</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> [van@mailserver ~]$ sudo /usr/local/sbin/stunnel -d pop3s -r</FONT>
<FONT color="#000000">> localhost:ipop3</FONT>
<FONT color="#000000">> 2007.06.20 17:59:54 LOG3[25516:3086419648]: -d: No such file or</FONT>
<FONT color="#000000">> directory (2)</FONT>
<FONT color="#000000">> Syntax:</FONT>
<FONT color="#000000">> stunnel [<filename>] ] -fd <n> | -help | -version | -sockets</FONT>
<FONT color="#000000">> <filename> - use specified config file instead of /usr/local/</FONT>
<FONT color="#000000">> etc/stunnel/stunnel.conf</FONT>
<FONT color="#000000">> -fd <n> - read the config file from a file descriptor</FONT>
<FONT color="#000000">> -help - get config file help</FONT>
<FONT color="#000000">> -version - display version and defaults</FONT>
<FONT color="#000000">> -sockets - display default socket options</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> I'm a little lost here. Never dealt with a .pem file before stunnel.</FONT>
<FONT color="#000000">> I have a self-signed cert I'm successfully using for https webmail on</FONT>
<FONT color="#000000">> the server and guessing stunnel couldn't see that, I appended my file</FONT>
<FONT color="#000000">> 'mailserver.crt' into my mail.pem file and edited stunnel.conf so it</FONT>
<FONT color="#000000">> has</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> ;CAfile = /usr/local/etc/stunnel/certs.pem CAfile =</FONT>
<FONT color="#000000">> /usr/local/etc/stunnel/mail.pem</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> but no dice. Same result.</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> Trying to debug, I find 'stunnel -V' also gives the same result.</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> Can someone point out what's going wrong?</FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">> -Van</FONT>
<FONT color="#000000">> _______________________________________________</FONT>
<FONT color="#000000">> stunnel-users mailing list</FONT>
<FONT color="#000000">> <A href="mailto:stunnel-users@mirt.net">stunnel-users@mirt.net</A></FONT>
<FONT color="#000000">> <A href="http://stunnel.mirt.net/mailman/listinfo/stunnel-users">http://stunnel.mirt.net/mailman/listinfo/stunnel-users</A></FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">></FONT>
<FONT color="#000000">_______________________________________________</FONT>
<FONT color="#000000">stunnel-users mailing list</FONT>
<FONT color="#000000"><A href="mailto:stunnel-users@mirt.net">stunnel-users@mirt.net</A></FONT>
<FONT color="#000000"><A href="http://stunnel.mirt.net/mailman/listinfo/stunnel-users">http://stunnel.mirt.net/mailman/listinfo/stunnel-users</A></FONT>
</PRE> </BLOCKQUOTE> <TABLE cellspacing="0" cellpadding="0" width="100%"> <TBODY><TR><TD> <BR> -- <BR> Gonzalo Diethelm<BR> <A href="mailto:gonzalo.diethelm@diethelm.org">gonzalo.diethelm@diethelm.org</A> </TD></TR></TBODY></TABLE> </BLOCKQUOTE></DIV><BR></DIV></BODY></HTML>