226
Chapter 15. Email
15.6.2. Secure Email Servers
Offering SSL encryption to IMAP and POP users on the email server is almost as easy. Red Hat Linux
also includes the
stunnel
package, which is an SSL encryption wrapper that wraps around standard,
non secure network traffic for certain services and prevents interceptors from being able to "sniff" the
communication between client and server.
The
stunnel
program uses external SSL libraries, such as the OpenSSL libraries included with Red
Hat Linux, to provide strong cryptography and protect your connections. You can apply to a Certificate
Authority (CA) for an SSL certificate, or you can create a self signed certificate to provide the benefit
of the SSL encrypted communication.
To create a self signed SSL certificate, change to the
/usr/share/ssl/certs/
directory, type the
make stunnel.pem
command, and answer the questions. Then, use
stunnel
to start the mail dae
mon that you wish to use.
For example, the following command could be used to start the IMAP server included with Red Hat
Linux:
/usr/sbin/stunnel d 993 l /usr/sbin/imapd imapd
You should now be able to open an IMAP email client and connect to your email server using SSL
encryption. Of course, you will probably want to go a step further and configure your
stunnel
wrapped IMAP server to automatically start up at the correct runlevels.
For more information about how to use
stunnel
, read the
stunnel
man page or refer to the docu
ments in the
/usr/share/doc/stunnel version number
directory.
Alternatively, the
imap
package bundled with Red Hat Linux contains the ability to provide SSL
encryption on its own without
stunnel
. For secure IMAP connections, create the SSL certificate by
changing to the
/usr/share/ssl/certs/
directory and running the
make imapd.pem
command.
Then, set the
imapd
service to start at the proper runlevels.
You can also use the
ipop3
package bundled with Red Hat Linux to provide SSL encryption on its
own without
stunnel
.
15.7. Additional Resources
Many users initially find email programs difficult to configure, primarily due to the large number of
options available. Below is a list of additional documentation to help you properly configure your mail
applications.
15.7.1. Installed Documentation
Information about how to configure Sendmail is included with the
sendmail
and
sendmail cf
packages.
/usr/share/doc/sendmail/README.cf
Contains information on
m4
, file locations for
Sendmail, supported mailers, how to access enhanced features, and more.
/usr/share/doc/sendmail/README
Contains information on the Sendmail directory
structure, IDENT protocol support, details on directory permissions, and the common problems
these permissions can cause if misconfigured.
In addition, the
sendmail
and
aliases
man pages contain helpful information covering various
Sendmail options and the proper configuration of the Sendmail
/etc/mail/aliases
file, respec
tively.
footer
Our partners:
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting
Jsp Web Hosting
Cheapest Web Hosting
Jsp Hosting
Cheap Hosting
Visionwebhosting.net Business web hosting division of Web
Design Plus. All rights reserved