Ken Wahl wrote:
>
> Hey all,
>
> I read "Mail the Unix way" at MandrakeUser.org and set up a
> postfix/fetchmail/procmail system that works quite nicely but I want to
> add SSL support. I installed openSSL and Stunnel but am stumped on where
> to go from here. The man pages for the programs were a little *cryptic*
> and the software's homepages were not really helpful.
>
> What I am trying to do is have fetchmail retrieve my mail from my pop3
> server at my ISP, and postfix send my mail to the SMTP server at my ISP,
> using SSL. My ISP does support it according to its webpage.
Have you looked at <http://mandrakeuser.org/secure/sssh5.html>, which
tells you how to tunnel POP through SSH? Looks like this is the sort of
thing you're trying to do. You might want to start reading at
<http://mandrakeuser.org/secure/sssh.html> to get the full picture. I
haven't been able to set this up, my ISP (university) won't let me, but
just from looking at the page this would encrypt POP passwords sent to
your ISP, and also all mail downloaded. I'm not sure about sending mail,
you might be able to similarly tunnel it through SSH using a command
something like 'ssh -f -C [EMAIL PROTECTED] -L
1234:smtp.yourisp.com:25 sleep 5'. Then you'd have to get Postfix to
send mail through the SSH tunnel. But actually, I don't know why you'd
want to send mail in this way - the main purpose of setting up an SSH
tunnel like this is to encrypt passwords, so unless your ISP requires a
password for SMTP there's really no need for it. Remember that
encryption between you and your ISP doesn't carry over into the net - if
you want to send secure mail (ignoring password issues) you have to use
PGP or similar to encrypt it anyway. If you want to be *really* secure,
get rid of PGP and send plain text messages using an unbreakable cipher
- eg 'I am a pink elephant' == 'Explode everything now, they know our
plans'. As a completely unrelated aside, I AM A PINK ELEPHANT.
HTH,
Tom
