Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Software - Troubleshooting and Discussion > macOS > Secure IMAP / stunnel other options?

Secure IMAP / stunnel other options?
Thread Tools
daqman
Forum Regular
Join Date: Sep 2000
Location: Newport News,VA,USA
Status: Offline
Reply With Quote
Dec 14, 2000, 10:47 PM
 
I work for the Department of Energy who recently went security crazy even in places with no nuclear secrets like the one where I work. All access to our E-mail server is via IMAP encrypted via stunnel (SSL).

At the moment I am reading mail using MS Entourage which supports SSL and IMAP. I was sad to find that the MacOS X inbuilt mail, although supporting IMAP, doesn't support SSL.

I thought to use stunnel to encrypt and point mail at some port on "localhost" but I can't get stunnel compiled because it wants OpenSSL which I haven't managed to get configured for X.
So,
1) Anyone got stunnel or OpenSSL for MacOS X?
2) Anyone got a good SSL-IMAP mail client native to OSX (carbone etc will do. Just don't want to have to start up classic just to read my E-mail ;^)
Beware of geeks bearing Gifs
     
Mniot
Forum Regular
Join Date: Dec 2000
Status: Offline
Reply With Quote
Dec 15, 2000, 06:57 PM
 
Well, I got openSSL to compile in OSX. You can get it from Apple's Darwin CVS repository. I'm not sure if it's working, but it compiles without complaint, which is a good start...
     
daqman  (op)
Forum Regular
Join Date: Sep 2000
Location: Newport News,VA,USA
Status: Offline
Reply With Quote
Dec 15, 2000, 09:16 PM
 
Ok, got it working, stunnel that is. Wasn't too hard (it's unix after all!!).
I went to www.osxzone.com and found a link to how to set up an SSH server on osx. I needed this to so started from there. The instructions http://www.osxzone.com/stories.php?s.../11/17/7797040 lead you through downloading and installing Apple's hacked source for OpenSSL.
Next I took a copy of the latest stunnel from http://www.stunnel.org and ran...
./configure --host=ppc-bsd
..which seemed to do the right things. Then make and make install.

The stunnel command line I used was...

stunnel -c -d 5000 -r mailserver:993 -B 100 -E /Users/daqman/.gnupg/entropy -f

... which runs stunnel in the foreground so you can keep an eye on care and feeding. The tough part was that it didn't work at first. The ssl layer needs as random number seed. The only way I could get this to work was by installing egd with the osx patch (Instructions on http://www.macsecurity.org/resoures/gpg/ ). The -E option loads random seed from the unix socket called entropy.

So now it all works. I start stunnel using the command line from above and point the inbuilt OSX mail IMAP mail client at port 5000 on the local host. By the magic of unix my e-mal is downloaded from the secure IMAP server!!!

Isn't OsX nice. I'm glad I'm also an apple shareholder! ;^)
Beware of geeks bearing Gifs
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 10:47 PM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,