Came here from the web? Check out the homepage!

SSL, STARTTLS, and SMTP AUTH

Checking today's email with your 68k Macintosh

a technical discussion by Tyler Sable, spam at fenestrated separated by dot from net
find me on the 68kMLA forums:: TylerEss

Introduction and History | System Requirements | Receiving Mail with SSL
Sending Mail by the Preferred Method | Sending Mail by the Alternate Method
Future Plans | Using Multiple Accounts | For the PPP (dialup) Mac

Receiving Mail with SSL

Most modern mail servers are just like the older ones that our email clients were programmed to work with, with one important exception: they now use encrypted communication via SSL. Luckily, the sTunnel software package provides exactly the tool we need to help our old email client talk nicely with a new email server.

Note that your helper computer cannot already be a mail server itself. Our sTunnel program is going to sit on the helper computer and LOOK LIKE a mail server, so if the helper computer is already a mail server, that's going to cause a little bit of a conflict. :-) If you're already running a mail server on your helper computer, I'll assume you're knowledgeable enough to run sTunnel on an alternate port.

Setting up the "helper" computer

Download the sTunnel package suitable for your modern computer.

sTunnel Configurator includes everything you need to configure sTunnel simply by answering the questions. Click Here!

To install sTunnel on most any UNIX machine (including MacOS X) should be as easy as

1)Becoming Root (using the command 'su', or prefacing the following commands with 'sudo')
2)Unpacking the Tarball with "tar -xzvf stunnel-version.tgz"
3)Changing into the sTunnel source directory "cd stunnel-version"
4)Configuring source for your machine "./configure"
5)Building the Software "make"
6)Installing the Software "make install"

If you're running one of the Windows builds of sTunnel, the documentation will help you get it installed, and ready to configure using the same config file information.

If you have trouble, the friendly folks who support sTunnel will be glad to help. Once you've got stunnel installed, putting the next few lines into your /etc/stunnel/stunnel.conf should get you started email checking:

client=yes
foreground=no
[servicename]
accept=pop3
connect=popserver.address:popserver_port

For example, I have the following lines in my /etc/stunnel/stunnel.conf for checking GMail:

client=yes
foreground=no
[gmail]
accept=pop3
connect=pop.gmail.com:995

This config file shows that we want sTunnel to be in client mode, which means that it takes your client program and wraps its traffic up in SSL for you. Foreground=no is because we don't want sTunnel to be hanging around in plain view on the helper computer, getting in the way. [gmail] is the start of a Service Definition, which means that all the lines that follow (until another Service Definition) apply only to this Service.

Accept=pop3 lets sTunnel know that your 68k Mac will be trying to connect on port 110, which is also called pop3. Connect=pop.gmail.com:995 is because GMail's POP support page told me that their POP hostname was pop.gmail.com and to be sure to connect to port 995.

Setting up the mail client

Follow the directions that came with your email client to set it up for checking POP mail. When it asks for the POP or Mail server name, use the name or address of your helper computer.

For example, my Helper computer's address is 192.168.1.254. Here's what my Eudora Lite configuration window looks like: (Note that Eudora Lite has no separate box for "username", so you simply put "username"@"helperaddress")

Now, simply check mail normally.

Troubleshooting

If you find that your mail is not accessible, try adding these lines to the beginning of your sTunnel config file and restarting sTunnel:

debug=debug
output=stunnel.log

When you read stunnel.log, it will provide insight as to why you're unable to check email. Check that all your stunnel.conf settings are correct, and that your email client is configured correctly. Once you've got things fixed, make sure to remove the two above lines from your sTunnel configuration file--that log file can get big really fast!

Top

Text and Images copyright 2005 Tyler Sable. Distributed under the terms of the GNU FDL.
Mirroring of this document is actively encouraged. For details, click here.