[stunnel-users] pop3 stunnel nmh to gmail

Joseph Brenner doomvox at gmail.com
Fri Sep 24 21:53:24 CEST 2010


I'm an nmh user running ubuntu jaunty, and I want to get my local
email working over SSL connections to a gmail account (POP3/SMTP).
So I'm trying to get some form of mh to talk over SSL using stunnel4.
I'm looking for suggestions on what I might be doing wrong, and
hints on how to go about isolating the problems.

I've succeeded in using sylpheed to get mail from gmail, so I know the
gmail account is working and is set up for pop3 and so on.  When I
run mh's inc command, though, it just reports:
  "inc: no servers available"

I can see that I've got stunnel running by doing a:
  ps ax | egrep stun | egrep -v egrep

    5937 ?        SN     0:00 /usr/bin/stunnel4 /etc/stunnel/stunnel.conf
    5938 ?        SN     0:00 /usr/bin/stunnel4 /etc/stunnel/stunnel.conf
    5939 ?        SN     0:00 /usr/bin/stunnel4 /etc/stunnel/stunnel.conf
    5940 ?        SN     0:00 /usr/bin/stunnel4 /etc/stunnel/stunnel.conf
    5941 ?        SN     0:00 /usr/bin/stunnel4 /etc/stunnel/stunnel.conf
    5942 ?        SNs    0:00 /usr/bin/stunnel4 /etc/stunnel/stunnel.conf

Google has some instructions up about servers and port numbers
(but no examples specific to stunnel):
  http://mail.google.com/support/bin/answer.py?hl=en&answer=13287

Here's a summary of the kind of configurations I've been trying:

/etc/default/stunnel4:

  ENABLED=1
  FILES="/etc/stunnel/*.conf"
  OPTIONS=""
  PPP_RESTART=0

/etc/stunnel/stunnel.conf:

   sslVersion = SSLv3
   chroot = /var/lib/stunnel4/
   setuid = stunnel4
   setgid = stunnel4
   pid = /stunnel4.pid
   socket = l:TCP_NODELAY=1
   socket = r:TCP_NODELAY=1

   debug = 7
   output = /var/log/stunnel4/stunnel.log

   client = yes

   [pop3s]
   accept = 127.0.0.1:995
   connect = pop.gmail.com:110

   [smtps]
   accept = 127.0.0.1:465
   connect = smtp.gmail.com:25


/etc/nmh/mts.conf:

   mts: smtp
   hostable: /etc/nmh/hosts

   localname: smtp.gmail.com
   # localname: gmail.com

   masquerade:

   mmdfldir: /var/mail

   mmdflfil:

   # pophost: localhost
   # pophost: pop.gmail.com:995
   pophost: pop.gmail.com:110
   # pophost: pop.gmail.com

   # servers: localhost
   servers: smtp.gmail.com



/var/log/stunnel4/stunnel.log

2010.09.21 11:11:41 LOG7[6528:140533218399984]: Snagged 64 random bytes from /dev/urandom
2010.09.21 11:11:41 LOG7[6528:140533218399984]: RAND_status claims sufficient entropy for the PRNG
2010.09.21 11:11:41 LOG7[6528:140533218399984]: PRNG seeded successfully
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service pop3s
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service imaps
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SSL context initialized for service smtps
2010.09.21 11:11:41 LOG5[6528:140533218399984]: stunnel 4.22 on x86_64-pc-linux-gnu with OpenSSL 0.9.8g 19 Oct 2007
2010.09.21 11:11:41 LOG5[6528:140533218399984]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2010.09.21 11:11:41 LOG6[6528:140533218399984]: file ulimit = 1024 (can be changed with 'ulimit -n')
2010.09.21 11:11:41 LOG6[6528:140533218399984]: poll() used - no FD_SETSIZE limit for file descriptors
2010.09.21 11:11:41 LOG5[6528:140533218399984]: 500 clients allowed
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 10 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 11 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 12 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
2010.09.21 11:11:41 LOG7[6528:140533218399984]: pop3s bound to 127.0.0.1:1109
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 13 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
2010.09.21 11:11:41 LOG7[6528:140533218399984]: imaps bound to 0.0.0.0:993
2010.09.21 11:11:41 LOG7[6528:140533218399984]: FD 14 in non-blocking mode
2010.09.21 11:11:41 LOG7[6528:140533218399984]: SO_REUSEADDR option set on accept socket
2010.09.21 11:11:41 LOG7[6528:140533218399984]: smtps bound to 127.0.0.1:259
2010.09.21 11:11:41 LOG7[6534:140533218399984]: Created pid file /stunnel4.pid

/var/log/mail.log

Sep 21 13:40:32 fineline gnu-pop3d[15484]: Incoming connection opened
Sep 21 13:40:32 fineline gnu-pop3d[15484]: connect from 127.0.0.1
Sep 21 13:40:32 fineline gnu-pop3d[15484]: User `doomvox at gmail.com': nonexistent
Sep 21 13:40:32 fineline gnu-pop3d[15484]: Session ended for no user


I'm using the "stunnel4" package for ubuntu jaunty:

/usr/bin/stunnel4 -version
stunnel 4.22 on x86_64-pc-linux-gnu with OpenSSL 0.9.8g 19 Oct 2007
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP

Global options
debug           = 5
pid             = /var/run/stunnel4.pid
RNDbytes        = 64
RNDfile         = /dev/urandom
RNDoverwrite    = yes

Service-level options
cert            = /etc/stunnel/stunnel.pem
ciphers         = AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH
key             = /etc/stunnel/stunnel.pem
session         = 300 seconds
stack           = 65536 bytes
sslVersion      = SSLv3 for client, all for server
TIMEOUTbusy     = 300 seconds
TIMEOUTclose    = 60 seconds
TIMEOUTconnect  = 10 seconds
TIMEOUTidle     = 43200 seconds
verify          = none


uname -a
Linux fineline 2.6.24-16-generic #1 SMP Thu Apr 10 12:47:45 UTC 2008 x86_64 GNU/Linux

gcc -v
Using built-in specs.
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu
4.3.3-5ubuntu4'
--with-bugurl=file:///usr/share/doc/gcc-4.3/README.Bugs
--enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr
--enable-shared --with-system-zlib --libexecdir=/usr/lib
--without-included-gettext --enable-threads=posix --enable-nls
--with-gxx-include-dir=/usr/include/c++/4.3 --program-suffix=-4.3
--enable-clocale=gnu --enable-libstdcxx-debug --enable-objc-gc
--enable-mpfr --with-tune=generic --enable-checking=release
--build=x86_64-linux-gnu --host=x86_64-linux-gnu
--target=x86_64-linux-gnu
Thread model: posix
gcc version 4.3.3 (Ubuntu 4.3.3-5ubuntu4)


openssl version
OpenSSL 0.9.8g 19 Oct 2007
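
Added example, not part of the original post: a small Python audit of a client-mode stunnel.conf, run here over a subset of the configuration quoted above. It relies on stunnel's client-mode semantics (`accept` is the local cleartext side, `connect` is the remote TLS side); the port table, the function names and the embedded sample are assumptions of this example.

```python
# Cleartext ports mapped to their implicit-TLS counterparts (assumed table).
TLS_PORT = {110: 995, 143: 993, 25: 465}
LOOPBACK = {"127.0.0.1", "localhost", "::1"}

# Constructed sample: a subset of the options in the posted stunnel.conf.
POSTED = """sslVersion = SSLv3
client = yes
[pop3s]
accept = 127.0.0.1:995
connect = pop.gmail.com:110
[smtps]
accept = 127.0.0.1:465
connect = smtp.gmail.com:25
"""

def parse(text):
    """Split stunnel.conf text into global options and per-service options."""
    glob, services = {}, {}
    cur = glob
    for line in map(str.strip, text.splitlines()):
        if not line or line[0] in ";#":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            cur = services.setdefault(line[1:-1], {})
        elif "=" in line:
            key, val = (s.strip() for s in line.split("=", 1))
            cur[key] = val
    return glob, services

def audit(text):
    """Return (service, finding) pairs for every client-mode service."""
    glob, services = parse(text)
    out = []
    for name, opts in services.items():
        eff = {**glob, **opts}  # service options override global defaults
        if eff.get("client") != "yes":
            continue
        port = int(eff["connect"].rpartition(":")[2])
        if port in TLS_PORT:
            out.append((name, f"connect uses cleartext port {port}, TLS port is {TLS_PORT[port]}"))
        if eff["accept"].rpartition(":")[0] not in LOOPBACK:
            out.append((name, "cleartext accept side is not bound to loopback"))
        if "verify" not in eff:
            out.append((name, "no verify level set: server certificate is not checked"))
        if eff.get("sslVersion") == "SSLv3":
            out.append((name, "sslVersion = SSLv3 is deprecated (RFC 7568)"))
    return out
```

`audit(POSTED)` reports three findings per service: the remote side targets the cleartext port, no `verify` level is set, and SSLv3 is forced.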


