[stunnel-users] Stunnel for secure email connections

Lee uklee at ukonline.co.uk
Sun May 24 16:38:37 CEST 2009 

Hello Guy and thanks for your reply.

Guy wrote:
> So you have...
> Client (MUA) <=> Avast and/or Popfile <=> Stunnel <=> Server (MTA)
>
>
>   
Yes, that's right.

I've looked at the mail headers more, and tried some of the packet 
sniffing/log methods, but I'm not really having any more success in 
understanding / pinpointing a secure connection.

I think I'm not going to be able to grasp the issues here, so maybe it 
is simpler if I could simply state what I have done, to check that it 
should be correct;

I installed both OpenSLL and Stunnel. I haven't changed anything from 
the OpenSLL install.
In stunnel.conf, I currently have the file shown at the bottom of this 
email.
I have changed settings in Thunderbird's mail accounts (hosts and ports) 
and in Avast Anti-Virus email scanner. (its redirected ports settings)
Adding Popfile (a local mail 'tagging' proxy) back into the equation has 
required some further tweaks to Thunderbird's ports and server usernames 
syntax.

As I said earlier, all seems to be working, in that my 'chain' appears 
to be having an effect.
However should I be considering anything else to make this process 
meaningful, such as certificates or security issues?
My only motive for using Stunnel and OpenSSL is to allow Avast email 
scanner to scan _all_ emails, including those it normally cannot scan 
due to their servers requiring me to use a secure connection. So, if I 
am doing this 'new' process wrongly or opening up security issues due to 
not understanding it, I would be better off reverting to how it was 
previously, seeing as the mail servers I use state they do virus 
scanning anyway.

Thanks again,
Lee
UK

my current stunnel.conf  :-

client=yes
service=popmail

[popmail]
accept = 127.0.0.1:210
connect = pop.mail.yahoo.co.uk:995

[popmail]
accept = 127.0.0.1:310
connect = pop.tools.sky.com:995

[pop3_sky]
accept   = 127.0.0.1:1109
connect  = pop.tools.sky.com:995

[pop3_yahoo]
accept  = 127.0.0.1:1108
connect = pop.mail.yahoo.co.uk:995

[smtp_sky]
accept=127.0.0.1:259
connect=smtp.tools.sky.com:465

[smtp_yahoo]
accept=127.0.0.1:258
connect=smtp.mail.yahoo.co.uk:465

[imap_sky]
accept=127.0.0.1:1439
connect=imap.tools.sky.com:993

--------------------------------------------------------------------------



---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 090524-0, 24/05/2009
Tested on: 5/24/2009 15:38:38
avast! - copyright (c) 1988-2009 ALWIL Software.
http://www.avast.com

More information about the stunnel-users mailing list