I have found out how to do this, just now. I don't run stunnel in daemon
mode. I use tcpserver. Here is the line I use to start it.
exec /usr/local/bin/softlimit -m 1000000 \
/usr/local/bin/tcpserver -R -H -D -c 100 -v \
-u vpopmail -g vchkpw 0 pop3s /usr/local/sbin/stunnel -T -p
/usr/local/etc/stunnel.pem -l /var/qmail/bin/qmail-popup -- qmail-popup
mail.oregonfast.net /usr/local/vpopmail/bin/vchkpw
/var/qmail/bin/qmail-pop3d Maildir 2>&1
You will of course need to change the mail server name, and the paths to
vchkpw and your PEM file.
Works like a charm.
Hubbard, David writes:
> Hi all,
> I'm not sure which list this would be most appropriate for so
> I'm starting here.
>
> If you're on this list then I'm sure you're familiar with the vpopmail
> package, you know that it has the ability to allow temporary
> relaying after someone authenticates with pop3. I'm trying to do
> that with SSL encrypted POP3 provided by stunnel, everything
> already works great with default tcpserver served pop3 authenticating
> through vchkpw..
>
> Since things work fine with standard POP3 with connections
> served by tcpserver, I'm guessing that tcpserver must be setting
> up some environment variable with the remove host's IP address
> that vchkpw can extract out and put into the relaying file. Stunnel
> must not do this. I do have stunnel set with the -T option which
> supposedly makes the connection provided to qmail-popup look
> like it's coming from the actual host and not stunnel. This definitely
> works because my syslog does record who comes in via SSL-POP3
> correctly, vchkpw just doesn't set the relay file.
>
> Has anyone run into this problem or know where I should start
> looking to fix it?
>
> Thanks,
>
> Dave
>
