>>The only challenge in setting up stunnel is in obtaining a >(self-signed?) certificate. And that very same challenge will not go >>away if and when dbmail acquired STARTTLS capabilities.
>Perhaps I am missing something: the tunnel is only active server side >and joe-user need only click "use ssl" in their mail client, or they >must create a tunnel from between their desktop and the server, and >point their mail client at localhost? (I am hoping not but this is >how I understand it to work after hours of searching. An example with >webdav: > >http://www.macosxhints.com/article.php?story=20040303143205326) If the client supports ssl all they need to do is tick the use ssl box. >Appreciated but I am still hung up on the structural issue of what >client configuration is necessary, having not used stunnel yet. Running stunnel is fairly straight forward the only real downside to using stunnel over a native imap_ssl is if you're using pop-before-smtp. Since remote connections come through the stunnel daemon and then go out via localhost to imap, any remote ip information is lost. There are lots of good docs on the stunnel.org website. S
