Click for SpamPal's Homepage
Contents > LAN Mail Servers > Stunnel

Most email programs, when accessing their ISP, will send usernames/passwords/data in an un-encrypted form. However, some ISP's require you to have this information encrypted.

There are various methods of encrypting this data but this guide is only interested in setting up SSL encryption, using a free program called Stunnel.
Step 1 - Download Files

Download the following files (main site here)

http://www.stunnel.org/download/stunnel/win32/openssl-0.9.7c/libeay32.dll
http://www.stunnel.org/download/stunnel/win32/openssl-0.9.7c/libssl32.dll
http://www.stunnel.org/download/stunnel/win32/stunnel-4.04.exe
http://www.stunnel.org/download/stunnel/win32/stunnel.pem

::Top::
Step 2 - Install and Configure Stunnel
Create a folder called C:\stunnel and place the files you've just downloaded, ie. the Stunnel executable (*.exe), libssl32.dll, libeay32.dll and stunnel.pem files in it
Note: dll location
You can also copy libeay32.dll and libssl32.dll into \windows\system directory [\WINNT\system if using Windows XP]
Using a text editor like notepad, make a file containing what's in the box below. Copy the information to your clipboard by right clicking on the highlighted text and selecting Copy. Paste the information into notepad.
Note: Be sure that wordwrap is turned OFF.

Save the file as "stunnel.conf" (including the quotes if you're using notepad) and place it in the C:\stunnel folder. Note: The quotes prevent notepad from adding .txt to the end of the filename.

In the example configuration below, if you don't need IMAP then just remove the three lines under [imaps] and to keep things as simple as possible, we've just added the number 9 to the end of the standard port number.
Example: stunnel.conf
client = yes
debug = debug

[pop3s]
accept = 127.0.0.1:1109
connect = pop3s.myisp.com:995

[imaps]
accept = 127.0.0.1:1439
delay = yes
connect = imaps.myisp.com:993

[smtps]
accept = 127.0.0.1:259
connect = smtps.myisp.com:465

The only necessary changes that you will have to make are in the connect = field.

Change the pop3s.myisp.com (or imaps.myisp.com) example name, to whatever your incoming mail server is.

If you do not know what it is off hand, it should be stored in your email program. For example, in Outlook, if you navagate to:

Tools -> Email Accounts
Choose View or change existing email accounts under E-mail
Click Next

Then you can copy whatever is currently listed in the Incoming Mail Server: field.

Now change the example pop3s.myisp.com (or imaps.myisp.com) server names and type in your incoming mail server address (or paste what you have copied in outlook).

Now re-save your stunnel.conf file
The following connection structure 'flowchart' shows how Stunnel functions with SpamPal:

POP3: email_program:110 <> SpamPal:1109 <> Stunnel:995< ---> Your ISP's mail_server:995
IMAP: email_program:143 <> SpamPal:1439 <> Stunnel:993< ---> Your ISP's mail_server:993
SMTP: email_program:25 <> SpamPal:259 <> Stunnel:465< ---> Your ISP's mail_server:465

::Top::
Step 3 - Setup Stunnel to run
Right click on the stunnel exe file and select Create Shortcut. This will put a shortcut in the stunnel folder.

If you want to run Stunnel only when you need it, copy this shortcut to your desktop. If you would like Stunnel to run whenever your computer is turned on so it will be available whenever you need it, follow the instructions below.

Note: Running this program all of the time keeps certain ports open and could be a security risk. Your system will be more secure if you run it only when you need it.

Note: If you have a problem with the conf file when you run Stunnel, the txt file extension might be hidden and the file is really named stunnel.conf.txt. Open Explorer and select Folder Options from the Tools menu. On the View tab, uncheck Hide extensions for all file types. Then, locate the conf file and if it does have the txt extension, rename it to stunnel.conf.

Windows 95/98/ME

Right click on the taskbar and select Properties. Click on the Start Menu Programs tab. Click on the Advanced button. Click on the plus (+) to the left of Programs. Locate the StartUp folder and copy the Stunnel shortcut into it. Reboot. You should see the Stunnel icon in the systray after your system restarts.

Windows NT/2000/XP

Right click on the Stunnel shortcut and select Properties from the drop down menu. Enter a space and -install following the target path. The target should look something like this...

C:\stunnel\stunnel-4.00.exe -install

Click on the shortcut. You will get notified that Stunnel has been installed as a service. Click on the Start button and select Run. Type services.msc without the quotes in the Open box and hit OK. Locate the Stunnel service, right click on it and select Start. You should see the Stunnel icon in the systray

::Top::
Step 4 - Configure your email program (POP3)
You now need to configure your email program, to use Stunnel, in this example, we'll just configure the POP3
protocol.

Incoming Mail (POP3) : 127.0.0.1

Account name : my_isp_login_name@127.0.0.1:1109
Password : your_password
Following this change, your email program, talks to SpamPal on it's normal pop3 port 110.

SpamPal then receives a request to talk to 127.0.0.1 on port 1109 (which is Stunnel).

As Stunnel is looking at port 1109, it sees SpamPal's request, secures it and then forwards it onto your
ISP's secure pop sever (on the standard port 995)

::Top::
Step 5 - Configure your email program (IMAP4)
You now need to configure your email program, to use Stunnel, in this example, we'll just configure the IMAP4
protocol (using Outlook 2002)

Go to Tools -> Email Accounts
Choose View or change existing email accounts under E-mail
Click Next

Highlight your IMAP email account
Click Change

Change the Incoming Mail Server (IMAP): field to 127.0.0.1

Add @127.0.0.1:1439 to whatever you previously had in the User Name: field

For example, my new User Name field looks like this: thomasdr@127.0.0.1:1439

Make sure that Logon using Secure Password Authentication is UNCHECKED

Click on More Settings

You can browse through the settings and add in a name for the account or your connection type [lan/dialup] in the fields that are listed, but we are interested in the Advanced tab.

Make sure that Incoming server (IMAP) is set to 143
 Make sure that This server requires a secure connection (SSL) is UNCHECKED

Make sure that Outgoing server (SMTP) is set to 25
Make sure that This server requires a secure connection (SSL) is UNCHECKED

The reason why you are leaving the SSL boxes unchecked [even if your service provider tells you to do so] is that Stunnel will take care of the SSL part. If you leave these boxes checked, you will probably end up with an error message or not be able to connect.

8. Click OK
Click Next
Click Finish


::Top::
Step 6 - Configure SpamPal
Spampal should be correctly configured from the start, but open the Spampal Options menu and just check to make sure that Port 143 is used for IMAP4 in the Connections tab under Spampal for Windows.

::Top::

Annotations

Users can now annoate manual pages with their own hints and tips. To share your insights with your fellow SpamPal users, you can use the form of the bottom of the page.

Annotate this page

Unfortunately, owing to a high volume of attempted abuse, new annotations are no longer being accepted for this page. Please accept my apologies for any inconvenience caused.