XMailforum is a readonly knowledge archive now.

Registering as a new user or answering posts is not possible anymore.

Might the force be with you, to find here what you are looking for.

2019-09-20 - hschneider, Admin

Cookie Disclaimer: This forum uses only essential, anonymous session cookies (xmailforum*), nothing to be scared of.

XMail Forum [Powered by Invision Power Board]
Printable Version of Topic
Click here to view this topic in its original format
XMail Forum > Documentation and Knowledge Base > External SSL POP3 Accounts


Posted by: RaveRod Jan 15 2004, 02:55 PM
I use XMail to manage our internal email and the gather all our email from various POP3 accounts externally.

I have recently been asked to add a POP3 account that uses an SSL connection to download email from it.

Is there any way to do this using XMail? Neither CLR or APOP work in this situation.

I'm just hoping there is a way or it could be a major setback in the use of XMail in our company.

Posted by: hschneider Jan 15 2004, 03:47 PM
Hmmm ... Just try to connect by adding ":995" (the POP3_SSL port no.) to your pop3linktab's target server entry. E.g
"@home.bogus.com" "dlibenzi" "domain.com:995" "dlibenzi" "XYZ..."

Being very interested in your feedback.

Posted by: RaveRod Jan 16 2004, 04:45 AM
Unfortunately that doesn't seem to work either. Are there any other ideas on how this could work?

Maybe this functionality could be included in a later release of XMail?

Posted by: bim Jan 16 2004, 10:01 AM
You should be able to do this using http://www.stunnel.org/. Set up stunnel to listen to (for example) port 1995 and have it forward all trafic from that port via a secure connection to port 995 on the POP3 machine you want to contact.

Now your settings for xmail should look like this:
"@home.bogus.com" "dlibenzi" "localhost:1995" "dlibenzi" "XYZ..."

Have a look at the stunnel website to see how to set up stunnel. I use an older versin of stunnel on Win32, so I'm not sure if I'll be able to help you with that.

Posted by: RaveRod Jan 18 2004, 03:02 PM
Thanks for that bim. I'll look into it right away. I'll let you know how it went.

I'm really glad I found something because I really don't want to change from XMail. I love it's easy of use (for me at least) and maximum control.

Posted by: hschneider Jan 19 2004, 08:22 PM
Secure POP3 does not need stunnel on client side. You only have to deal with stunnel when you want to setup POP/SSL on your server.

The problem here is using an already existing tunnel which needs authenticaton.

As I discovered so far, this will fail because XMail does NOT support SSL authentication via POP3 (BTW: most common mailservers like sendmail or qmail do NOT support this - so don't worry ...).

But: you can plug in this functionality by using fetchmail:

If you are on a Windows platform ...
- Get the the latest cygwin package from http://cygwin.com
- Check fetchmail in your setup dialog.
- After installation: Make sure to set your system's search path to cygwin's bin folder

On Linux..
- Install fetchmail with your package manager

After installation:
- Create a file named .fetchmailrc in a folder of your choice (e.g. in your MailRoot).

Assume the following scenario:
- Your popserver is ssl.pop.kundenserver.de,
- your mailboxname is user1 and
- your password is pass1.
- XMail accepts mails at 127.0.0.1 (= localhost).
- Mail headers should be rewritten to your local domain which is named intra.net

Then the content of your .fetchmailrc is

CODE

poll ssl.pop.kundenserver.de
protocol pop3
user user1 with pass pass1 is user1 here
smtphost localhost
fetchall


- Create a script, which calls fetchmail with the following content:

CODE

fetchmail --ssl -f .fetchmailrc


- Put this script on your system's scheduler.

Prepare XMail ...
- Add this to your aliasdomain.tab:

CODE

"localhost" "intra.net"    


- Add this to your smtprelay.tab:

CODE

"127.0.0.0" "255.255.255.0"


What does it do?
- Fetchmail authenticates on the remote system's port 995 through a SSL tunnel.
- It collects all mails from the POP account,
- replaces the domain part with the localhost and
- redirects them to XMail's SMTP port 25 (on localhost in our example)
- XMail receives them as usual,
- checks if 'localhost' is an alias in aliasdomain.tab,
- replaces the alias with the original name (here intra.net) and
- sorts them into its local mailboxes.

Fetchmail supports a wide range of protocols, with or without SSL encryption. So it is very easy to connect various other external POP or IMAP servers to your XMail machine:

QUOTE

POP2  Post Office Protocol 2 
POP3  Post Office Protocol 3 
APOP  POP3 with old-fashioned MD5-challenge authentication. 
RPOP  POP3 with RPOP authentication. 
KPOP  POP3 with Kerberos V4 authentication on port 1109. 
SDPS  POP3 with Demon Internet’s SDPS extensions. 
IMAP  IMAP2bis, IMAP4, or IMAP4rev1 (fetchmail autodetects their capabilities). 
ETRN The ESMTP ETRN option. 
ODMR  The On-Demand Mail Relay ESMTP profile. 



Take care:
When testing, keep in mind that fetchmail deletes all mails from your POP account after retrieval. If they are redirected e.g. to a non existing smtphost, they will disappear forever. So testing with a dummy account first is recommended.

If you cannot run a dummy account, add the following line to your .fetchmailrc before the fetchall command, while testing:

CODE

keep


This will keep the messages in your POP box.

More about fetchmail:
http://www.catb.org/~esr/fetchmail/
http://www.catb.org/~esr/fetchmail/fetchmail-man.html
http://www.catb.org/~esr/fetchmail/fetchmail-FAQ.html

Posted by: RaveRod Jan 19 2004, 11:42 PM
Hmm... thanks a lot hschneider. The stunnel option didn't work for me (XMail seemed to want to stay connected to stunnel).

I'll try fetchmail and see what turns up.

Posted by: hschneider Jan 20 2004, 06:55 AM
This will work 100%. Just let me know, if you got stuck somewhere. I have put some minor tweaks in the article above, but it also works with the original recipe.

Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)