Results 1 to 10 of 10

Thread: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

  1. #1
    Join Date
    May 2006
    Location
    Germany
    Beans
    Hidden!
    Distro
    Ubuntu 10.10 Maverick Meerkat

    [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    Hi,

    mail-notification was not compiled with SSL/TLS support, because of some licensing problems that, in my option, is really idotic, at least for us users.

    First I went on and recompiled mail-notification with ssl support, but then after switching from feisty to gutsy, same old story again.

    Now I have done a very simple solution:

    I installed stunnel4 and configured it in client-mode, so mail-notification is connectiong to localhost on different ports and stunnel is doing the ssl stuff.

    What to do:

    Code:
    sudo aptitude install stunnel4
    Go to /etc/stunnel and edit stunnel.conf

    Code:
    sudo gedit /etc/stunnel/stunnel.conf
    Code:
    ; stunnel configuration file
    
    ; Some security enhancements for UNIX systems - comment them out on Win32
    chroot = /var/run/stunnel4/
    setuid = stunnel4
    setgid = stunnel4
    ; PID is created inside chroot jail
    pid = /stunnel4.pid
    
    ; Some performance tunings
    socket = l:TCP_NODELAY=1
    socket = r:TCP_NODELAY=1
    compression = rle 
    
    ; Workaround for Eudora bug
    ;options = DONT_INSERT_EMPTY_FRAGMENTS
    
    ; Some debugging stuff useful for troubleshooting
    ;debug = 7
    ;output = /var/log/stunnel4/stunnel.log
    
    ; Use it for client mode
    client = yes 
    
    ; Service-level configuration
    
    [imaps1]
    accept = localhost:1143
    connect = mail.roessner.it-zahner.de:993
    
    [imaps2]
    accept  = localhost:1144
    connect = imap.some.other.server:993
    
    ; vim:ft=dosini
    Then you need to edit /etc/default/stunnel4:

    Code:
    # /etc/default/stunnel
    # Julien LEMOINE <speedblue@debian.org>
    # September 2003
    
    # Change to one to enable stunnel
    ENABLED=1
    FILES="/etc/stunnel/*.conf"
    OPTIONS=""
    
    # Change to one to enable ppp restart scripts
    PPP_RESTART=0
    There I have set ENABLED to 1.

    Now you can start stunnel4 and go on to the mail-notification setup

    Code:
    /etc/init.d/stunnel4 start
    You can configure mail-notification and point to localhost, in this example ports 1143 and 1144

    Advantage:

    - You will not miss any security updates on mail-notification
    - You never will need to recompile mail-notification again

    Disadvantage:

    - This is working perfectly on a single-user desktop, but might be problematic on multi-user scenaries. But, ask your local admin

  2. #2
    Join Date
    Mar 2006
    Beans
    111
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    @chrroessner

    Thanks, I just followed your howto and it worked beautifully on gutsy!

  3. #3
    Join Date
    Nov 2007
    Beans
    42
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    Hi guys...I followed all the instructions in the post but my mail-notification is not working...can someone help me?

    Thanks,

    Cris.

  4. #4
    Join Date
    May 2006
    Location
    Germany
    Beans
    Hidden!
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    Can you please give more detailed information, what exactly is not working?

  5. #5
    Join Date
    Nov 2007
    Beans
    42
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    Hi chrroessner....thanks for the reply! I tried with stunnel but it did not work. I kept saying it could not connect to the server. Anyways, I finally succeeded following the tips in this how to...

    Cris.

  6. #6
    Join Date
    May 2006
    Location
    Germany
    Beans
    Hidden!
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    Quote Originally Posted by Cris(c) View Post
    Hi chrroessner....thanks for the reply! I tried with stunnel but it did not work. I kept saying it could not connect to the server. Anyways, I finally succeeded following the tips in this how to...

    Cris.
    Well, I know that using stunnel does push a little more complexity, but I can not confirm the posters opinion.

    Setting on hold is IMHO a bad solution. Next dist-upgrade or security fix and I think you are out of luck with manuualy rebuilt packages. So for me, stunnel still is the better solution than recreating mail-notification.

    If I may speak honestly, I can not understand, why ssl or gnutls still is missing in mail-notification; even in intrepid!

    Christian

  7. #7
    Join Date
    Nov 2007
    Beans
    42
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    Quote Originally Posted by chrroessner View Post
    Well, I know that using stunnel does push a little more complexity, but I can not confirm the posters opinion.

    Setting on hold is IMHO a bad solution. Next dist-upgrade or security fix and I think you are out of luck with manuualy rebuilt packages. So for me, stunnel still is the better solution than recreating mail-notification.

    If I may speak honestly, I can not understand, why ssl or gnutls still is missing in mail-notification; even in intrepid!

    Christian
    Yup...I do agree with you in this last point: I can't understand why ssl is not included in mail-notification...it is pretty much non-sense since you can recreate it by rebuilding the package yourself....(or using stunnel as you suggested).

    Cris.

  8. #8
    Join Date
    Sep 2007
    Location
    Ukraine
    Beans
    33
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    chrroessner, Thanx a lot for the HowTo.
    I have an one question.
    My mail-notification are working with the stunnel4 but there's 2 troubles. The mail-notification always show more messages then there're ones. And after mail-notification showed about new messages it change tray icon to the envelope picture , I go to the FireFox , read the messages but the mail-notification doesn't change icon back, so I think some new messages have received. Can anyone help me to fix it ?
    please sorry me for my poor english

  9. #9
    Join Date
    Apr 2006
    Beans
    39
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    Thank you for this. This worked perfectly. Very useful tool.

  10. #10
    Join Date
    Jul 2009
    Beans
    Hidden!

    Arrow Re: [HowTo] Using mail-notification and stunnel4 to have SSL/TLS support

    There is also a PPA with mail-notification packages built with SSL support:

    https://launchpad.net/~mail-notifica...l/+archive/ppa

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •