> > Thanks Nate. > SM is currently running on the IMAP server. But if I connect to SM from > across the Internet (not on the local network), then isn't my login > information sent in plain text ? > > I'm not familiar with stunnel. I'll check 'man stunnel'. Any links you > might have would be appreciated.
if it's on the same server, run SM under apache-ssl or apache+mod_ssl or some other SSL-enable webserver. then your login information will be protected(as protected as you can get with SSL). as for stunnel, you shouldn't need it since SM is on the same system, just have it login to localhost, there's no reason to encrypt logins if your logging into localhost, the only way to sniff such logins would be to have root access on the system and if someone had that then you got more serious problems then encrypting logins! I personally run SM under apache-ssl. I also use apache, it does automatic redirects to my ssl site, so I don't have to enter the https:// stuff ..I just put the hostname in and it redirects. stunnel is real handy though, I use it to tunnel LDAP traffic and MySQL traffic along with a few other things as the situation demands. I have only used it in client/server mode which means setting up a stunnel server on the server and any number of clients can connect to it. Though a downside is since it is a tunnel there is no real way to uniquely identify remote hosts, everything logging in will look to be from the local system, since the data is forwarded accross the tunnel, once it reaches the server, it is forwarded yet again to the local port on the server. I don't have a url handy but theres lotsa docs out there if your curious about it. I first started using it with mysql and I think I just put stunnel mysql into google and within a few seconds I found the command line to use with it. good luck. nate -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
