[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: imap

Interesting - I've been using sslwrap.  Does anybody have experience
with stunnel vs. sslwrap?
phil.

"Hassard, Stephen" wrote:
> 
> A cool way to do this with stunnel is:
> 
> stunnel -d 993 -r myimaphost:143
> (or take a look at http://www.stunnel.org/examples/encrypt_services.html)
> 
> the only problem I've seen with this method is that some imap+ssl combos
> require a proper signed cert to hook up with the imap server (maybe).
> that'll cost you a bit of $$. newer versions of outlook express (5.5 sp2
> beta) warn about a cert that can't be checked, but eudora (5.1) and mozilla
> (nightlies) seem to just croak.
> 
> later,
> Steve
> 
> > -----Original Message-----
> > From: Patrick Mulvany [mailto:paddy@firedrake.org]
> > Sent: Wednesday, August 01, 2001 9:25 AM
> > To: debian-security@lists.debian.org
> > Subject: imap
> >
> >
> > On Mon, Jul 30, 2001 at 10:38:29PM +0000, Jim Breton wrote:
> > > On Mon, Jul 30, 2001 at 01:54:03PM -0700, Stephen Hassard wrote:
> > > > I was just playing around securing one of my Exchange
> > boxes, and found that
> > > > coupling Stunnel (http://www.stunnel.org/) with your
> > favourite mail server
> > > > works really well (not that Exchange is my pick for a
> > secure mail server)
> > >
> > > Indeed, I have been doing exactly that and it works great.
> > I run Solar
> > > Designer's 'popa3d' on port 110 for those users which do not have
> > > clients supporting TLS, but those who do are encouraged to use the
> > > POP3/TLS running on port 995 which is really just an
> > stunnel to port 110
> > > on the same machine.  Outlook Express and many other clients have
> > > built-in support for this so there is very little tech
> > support overhead.
> >
> > I am currently investigating a similar issue but using imap.
> > Has anyone any
> > suggestions relating to a non-exploitable imap server that
> > impliments TLS
> > encryptions. imapd appears to impliment encrypted
> > authentication but what I
> > need is encrypted transfer which is not in the debian
> > packaged version.
> >
> > Thanks
> >
> > Paddy
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> > listmaster@lists.debian.org
> >
> 
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

-- 
                                 Whirlycott
                                 Philip Jacob
                                 phil@whirlycott.com
                                 http://www.whirlycott.com/phil/
Reply to: