Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
icon1.gif   Elog and SSL, posted by Recai Oktas on Sun Mar 16 19:15:16 2003 stunnel_with_smtp_pop3.txt
    icon2.gif   Re: Elog and SSL, posted by Stefan Ritt on Fri Mar 21 16:24:05 2003 
       icon2.gif   Re: Elog and SSL, posted by nick on Mon Mar 31 12:44:33 2003 
    icon2.gif   Re: Re: Elog and SSL, posted by Recai Oktas on Fri Mar 21 16:52:12 2003 
Message ID: 249     Entry time: Sun Mar 16 19:15:16 2003     Reply to this: 256   257
Icon: Entry  Author: Recai Oktas  Author Email: roktas@omu.edu.tr 
Category: Info  OS:   ELOG Version:  
Subject: Elog and SSL  
> Basically im running elog on a redhat 8 box with stunnel already installed 
> as part of OpenSSL, on the server i ran the command specified in the 
> instructions
> 
> stunnel -d 443 -r 172.16.24.108:81

I haven't tried `stunnel` with elog, but as far as I read from various
sources, stunnel requires you to create an SSL certificate. In attachment,
you'll find a sample case for stunnel and smtp (port 25) + pop3 (port 110).
Hope this helps.

Reference: http://www.tldp.org/linuxfocus/common/sart/index.html
Attachment 1: stunnel_with_smtp_pop3.txt  1 kB  Uploaded Fri Mar 21 16:53:57 2003  | Hide | Hide all 
EZ Email Security With Stunnel
by Pat Parsons

This is a little crash course in how to setup email over SSL painlessly using
Stunnel. First you need to have installed a mail transfer agent to handle the
SMTP portion of the mail. Then you need to have installed either an IMAP server
or a POP3 server. Many distributions come with Stunnel, if yours does not you
can get it from http://www.stunnel.org. Stunnel requires that you have OpenSSL
or SSLeay installed first. This should come with your distribution. Generally
if you have SSH installed you also have a SSL library.

Get and install Stunnel. I am not going into detail on that because if you are
at this point you probably already know how to do so. Make a SSL certificate
for use with Stunnel. OpenSSL provides a makefile to do just that. In my
distribution it is located in /usr/share/ssl/certs . CD to that directory and
type make stunnel.pem to create the certificate that is named stunnel.pem. Now
you need to a few lines to your rc.local file to start Stunnel at bootup
(assuming you ever reboot that is) these lines are:

  /usr/sbin/stunnel -d 995 -r 110
  /usr/sbin/stunnel -d 465 -r 25

This will start stunnel listening on port 995 for POP3 and 465 for SMTP. Now
all you need to do is edit the options for your mail client and there you go.
No need to worry about cleartext email passwords. If you are too impatient to
wait for the next reboot you can type the commands given previously to start
Stunnel right away. There may be some problems with certificate validation for
some email clients. Make sure when asked by the makefile you get the server
name correct. If your email client will not let you add certificates you may
need to change or obtain a certificate from a certification authority. If you
cannot get the certificate vaidation worked out there is no way to ensure that
you are connecting to the correct machine. Have a nice day.
ELOG V3.1.5-fe60aaf