LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 03-11-2005, 03:35 PM   #1
[GOD]Anck
Member
 
Registered: Dec 2003
Location: The Netherlands
Distribution: Slackware
Posts: 171

Rep: Reputation: 33
slack imapd + tls/ssl & thunderbird


How would I go about configuring my Slackware 10.1 box to provide IMAP + TLS/SSL with the regular imapd? I've got it running in plaintext mode without a problem, simply by uncommenting it's entry in /etc/inetd.conf, but I can't seem to find where to configure it further. I suppose I will need to tell it where to find my certificate and such. There isn't an /etc/imapd.conf file as I would have expected. man imapd also isn't very helpful.

netstat -tpan shows that it isn't listening on port 993, so imaps obviously isn't working. When I telnet localhost 143 the capability listing does show STARTTLS, so I think I should be able to negotiate a secure connection. Sadly though, Thunderbird only seems to offer TLS negotiation when connecting to an SMTP server. For IMAP the settings dialog only offers SSL on / off, and turning it on for port 143 doesn't do what I'd like it to.

Can anyone point me in the right direction please? I'd be happy with either imaps on port 993 or TLS on the regular port 143, if that's at all possible with Thunderbird.

Thanks in advance for any help you can give me!
 
Old 03-13-2005, 07:47 AM   #2
suraka
LQ Newbie
 
Registered: Mar 2005
Location: Australia
Distribution: Slackware 10.1
Posts: 6

Rep: Reputation: 0
what you're looking for is stunnel..

stunnel

1) Run the following to prepare stunnel:

Code:
cp /etc/stunnel/stunnel.conf-sample /etc/stunnel/stunnel.conf
mkdir /var/stunnel
chown nobody:nobody /var/stunnel
/etc/stunnel/generate-stunnel-key.sh
When generating the stunnel key, make sure that the Common Name (FQDN of your server) is the host name of the server. Otherwise mail clients may complain of a mismatch.

2) Make the following changes in '/etc/stunnel.conf', then stunnel will be configured to support pop3s/impas/smtps:

Code:
cert = /etc/stunnel/stunnel.pem
chroot = /var/stunnel/
 
Old 03-13-2005, 12:15 PM   #3
[GOD]Anck
Member
 
Registered: Dec 2003
Location: The Netherlands
Distribution: Slackware
Posts: 171

Original Poster
Rep: Reputation: 33
Thanks, that was exactly the thing I was looking for! It works like a charm, with stunnel running as a daemon, listening to the SSL enabled ports and forwarding traffic to the services' regular ports after decrypting it. I didn't expect it to be this easy. Slackware just never ceases to amaze me.

Thanks again!
 
Old 03-14-2005, 01:19 AM   #4
suraka
LQ Newbie
 
Registered: Mar 2005
Location: Australia
Distribution: Slackware 10.1
Posts: 6

Rep: Reputation: 0
no problem you can also use stunnel for https, skipping the need to configure mod_ssl. infact stunnel can be used to tunnel anything over SSL, another example may be ftp (out of windows, i know filezilla supports this).
 
Old 02-24-2009, 02:33 PM   #5
Mig21
Member
 
Registered: Jan 2005
Posts: 193

Rep: Reputation: 33
Thanks for that, I've managed to get my IMAP on Slackware to work over SSL also.

I have one question though - do I need to run stunnel from my init scripts (i.e. once per boot) or is it a one-time setup kind of thing?

And what's stunnel3? When I try to run it, it says

Code:
# stunnel3
/sbin/stunnel exec failed at /usr/sbin/stunnel3 line 39.
I'm just curious.

Cheers
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Proftpd and SSL/TLS mikeheggy Linux - Networking 3 12-19-2008 10:01 AM
vsftpd ssl/tls jefffq Linux - Software 2 07-05-2005 06:38 PM
apache SSL/TLS overlord73 Linux - Security 3 05-12-2005 05:53 AM
FTP via SSL (TLS) embsupafly Linux - Security 2 03-02-2005 08:47 PM
SSL vs. TLS X11 Linux - Security 8 12-17-2002 03:39 PM


All times are GMT -5. The time now is 09:51 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration