File: README.ssl

package info (click to toggle)
websieve 0.62-1
  • links: PTS
  • area: main
  • in suites: sarge
  • size: 276 kB
  • ctags: 92
  • sloc: perl: 3,532; makefile: 53
file content (33 lines) | stat: -rw-r--r-- 1,528 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
SSL encryption for remote servers with Websieve
Method 1

You can turn on SSL connections by setting the variables $useimapSSS=1 and $usesieveSSL=1 in websieve.conf.  Also ensure you set the correct SSL'ized ports for $imapport and $sieveports.  You may instead if you have more then one server enter the correct settings in hash %server_hosts in websieve.conf.
This method uses the SSL option in the IMAP::Admin and IMAP::Sieve perl modules.
You must also have Openssl, Net_SSLeay, and IO::Socket::SSL installed on your system.  See the IMAP::Admin SSL section for more info.


Method 2

This is an example setup on using stunnel to encrypt websieve connections
to remote imap/sieve servers using an ssl session.


Imap server

stunnel -d imaps -r localhost:imap
stunnel -d sieves -r localhost:sieve

Websieve client

stunnel -c -d localimapport -r imapserver:imaps
stunnel -c -d localsieveport -r imapserver:sieves 

Where "sieves" is a tcp port of your choice since there is no standard SSL'ized
sieve port as far as I know. Just make sure it does'nt conflict with an existing port.

You also have to make sure to point websieve.conf $sieveport->localsieveport and
$imapport->localimapport.  Those 2 ports are also arbitrary ports on the local machine of your choosing.  Again make sure they don't conflict to anything else and also restrict them (tcp wrappers - host.deny, hosts.allow) to access from the localhost only.

See the Stunnel docs for more info.

You can find all the required modules in directory /websieve/ssl