[stunnel-users] Goldmine 6.7 behind a Server
Blake Miller
blake at promotiondesign.com
Wed Sep 14 22:04:26 CEST 2011
We are planning to transition our email service to Google Apps with our
Goldmine 6.7 Corporate Edition so need to use Stunnel. We have Goldmine
setup and run from a central Server and a shared/networked drive F: Each
client machine runs Goldmine, BUT via the server path noted earlier. When
logged in locally to the server and running Goldmine locally, everything
works great. Stunnel is connected, we're able to send/receive email, etc.
However from a remote machine, it doesn't work. Have tried installing
stunnel on the local machine. Have tried accessing the said ports via the
Server's IP address from within the network. And have hacked around
different config setups without luck.
Being a NOOB with Stunnel, we're at a loss with further configuration
without literally 'hacking around' in the dark any further.
Our config file is just below
Thanks in advance.
Blake
;
****************************************************************************
*
; * Global Options
*
;
****************************************************************************
*
; Debugging stuff (may useful for troubleshooting)
debug = 7
output = stunnel.log
;
****************************************************************************
*
; * Service Defaults (may also be specified in individual service sections)
*
;
****************************************************************************
*
; Certificate/key is needed in server mode and optional in client mode
cert = stunnel.pem
;key = stunnel.pem
; Authentication stuff needs to be configured to prevent MITM attacks
; It is not enabled by default!
;verify = 2
; Don't forget to c_rehash CApath
;CApath = certs
; It's often easier to use CAfile
;CAfile = certs.pem
; Don't forget to c_rehash CRLpath
;CRLpath = crls
; Alternatively CRLfile can be used
;CRLfile = crls.pem
; Disable support for insecure SSLv2 protocol
options = NO_SSLv2
; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS
; The following options provide additional security at some performance
penalty
; Default ECDH/DH parameters are strong/conservative, so it is quite safe to
; comment out these lines in order to get a performance boost
options = SINGLE_ECDH_USE
options = SINGLE_DH_USE
;
****************************************************************************
*
; * Service Definitions (at least one service has to be defined)
*
;
****************************************************************************
*
; Example SSL server mode services
;[pop3s]
;accept = 995
;connect = 110
;[imaps]
;accept = 993
;connect = 143
;[ssmtp]
;accept = 465
;connect = 25
; Example SSL client mode services
[gmail-pop3]
client = yes
accept = 127.0.0.1:9995
connect = pop.gmail.com:995
[gmail-smtp]
client = yes
accept = 127.0.0.1:4465
connect = smtp.gmail.com:465
;[gmail-imap]
;client = yes
;accept = 127.0.0.1:143
;connect = imap.gmail.com:993
; Certificate/key is needed in server mode and optional in client mode
cert = stunnel.pem
;key = stunnel.pem
More information about the stunnel-users
mailing list