[stunnel-users] Sending "LOGOUT" when using StartTLS offloading?

Markus Borst M.Borst at hrz.tu-darmstadt.de
Tue Aug 16 10:03:12 CEST 2011

I have to cope with a very unusual imap server behavior, but maybe 
stunnel can help me: Can stunnel send an imap command ("XX LOGOUT"), 
just before closing the tcp session?

Setup: I use stunnel for SSL/TLS offloading, both via extra port (993) 
and StartTLS emulation (143). Our imap server (Mercury) has a very 
peculiar feature: If a tcp connection is closed without properly closing 
the imap session first (LOGOUT), the server discards certain attributes, 
specifically, it "forgets" all deletions since last logout. Since many 
imap clients just tear down the connection in certain cases (for example 
Thunderbird going into offline mode, many webmailers or stunnel reaching 
it's "TIMEOUTidle"), this causes mails to be undeleted. We currently use 
an older version of the mailserver, since only the newest is broken.

Needless to say, this does not go well with our users. A fixed version 
of the imap server may never come, so, until we can switch all users to 
a new mail system: Is it possible to use stunnel to send an additional 
imap command before closing the tcp connection (something like "999 
LOGOUT")? The command should be sent no matter why the connection is 
closed, either because the client closed it, a timeout is reached or 
stunnel is unloaded. If the connection is already cleanly logged out, 
this doesn't matter, in all other situations it would help.

Would it be possible to send such a command, or could this be added as a 
new feature?

Markus Borst


==== Achtung! Umzug: neuer Raum: ====

TU Darmstadt
Hochschulrechenzentrum (HRZ)
Markus Borst
Adresse: 	Mornewegstr. 30   64293 Darmstadt
Tel.: 	06151/16-2056
Email: 	M.Borst at hrz.tu-darmstadt.de

More information about the stunnel-users mailing list