Hello Guy and thanks for your reply.
Guy wrote:
So you have... Client (MUA) <=> Avast and/or Popfile <=> Stunnel <=> Server (MTA)
Yes, that's right.
I've looked at the mail headers more, and tried some of the packet sniffing/log methods, but I'm not really having any more success in understanding / pinpointing a secure connection.
I think I'm not going to be able to grasp the issues here, so maybe it is simpler if I could simply state what I have done, to check that it should be correct;
I installed both OpenSLL and Stunnel. I haven't changed anything from the OpenSLL install. In stunnel.conf, I currently have the file shown at the bottom of this email. I have changed settings in Thunderbird's mail accounts (hosts and ports) and in Avast Anti-Virus email scanner. (its redirected ports settings) Adding Popfile (a local mail 'tagging' proxy) back into the equation has required some further tweaks to Thunderbird's ports and server usernames syntax.
As I said earlier, all seems to be working, in that my 'chain' appears to be having an effect. However should I be considering anything else to make this process meaningful, such as certificates or security issues? My only motive for using Stunnel and OpenSSL is to allow Avast email scanner to scan _all_ emails, including those it normally cannot scan due to their servers requiring me to use a secure connection. So, if I am doing this 'new' process wrongly or opening up security issues due to not understanding it, I would be better off reverting to how it was previously, seeing as the mail servers I use state they do virus scanning anyway.
Thanks again, Lee UK
my current stunnel.conf :-
client=yes service=popmail
[popmail] accept = 127.0.0.1:210 connect = pop.mail.yahoo.co.uk:995
[popmail] accept = 127.0.0.1:310 connect = pop.tools.sky.com:995
[pop3_sky] accept = 127.0.0.1:1109 connect = pop.tools.sky.com:995
[pop3_yahoo] accept = 127.0.0.1:1108 connect = pop.mail.yahoo.co.uk:995
[smtp_sky] accept=127.0.0.1:259 connect=smtp.tools.sky.com:465
[smtp_yahoo] accept=127.0.0.1:258 connect=smtp.mail.yahoo.co.uk:465
[imap_sky] accept=127.0.0.1:1439 connect=imap.tools.sky.com:993
--------------------------------------------------------------------------
--- avast! Antivirus: Outbound message clean. Virus Database (VPS): 090524-0, 24/05/2009 Tested on: 5/24/2009 15:38:38 avast! - copyright (c) 1988-2009 ALWIL Software. http://www.avast.com