This is an old revision of the document!


Can I use POPFile if I want to use SSL connections to my server?

The good news is: Yes, you can use POPFile over SSL connections!

POPFile 0.22.0 (or later) can make SSL connections to mail servers if some optional Perl and OpenSSL components are installed. For Windows systems all of these optional SSL files can be downloaded from the University of Winnipeg repository when POPFile is installed.

Windows version of POPFile

POPFile 1.0.0 (or later)

The Windows installer for POPFile 1.0.0 (or later) can download the necessary SSL Support files if the “SSL Support” option is selected when installing or upgrading POPFile.

SSL support can be also be added or updated after installation by using the “Change” option in the “Add/Remove Programs” entry for POPFile 1.0.0 or later.

The installer also has a special mode which can be used to add the SSL files to an existing installation:

setup.exe /SSL

This special mode can also be used if the installer was unable to download all of the necessary SSL files at install time.

POPFile 0.22.5 (or later)

The Windows installer for 0.22.5 can download the necessary SSL Support files if the “SSL Support” option is selected when installing or upgrading POPFile. The installer also has a special mode which can be used to add the SSL files to an existing 0.22.5 (or later) installation:

setup.exe /SSL

This special mode can also be used if the installer was unable to download all of the necessary SSL files at install time.

POPFile 0.22.3 and 0.22.4

Although the 0.22.3 and 0.22.4 installers offer the option to download and install the SSL Support files the files they download are no longer compatible with POPFile. If you use this installer option POPFile's SSL mode will not work properly.

If you want to use SSL with POPFile 0.22.3 or 0.22.4 then you should use version 0.2.1 (or later) of the POPFile SSL Setup wizard (629 KB zip file) to add these files to POPFile. This wizard will patch the downloaded files to make them compatible with POPFile.

  • Note: The SSL Support files which are downloaded from the University of Winnipeg have been updated several times since POPFile 0.22.3 and 0.22.4 were released so it is important that an up-to-date version of the POPFile SSL Setup wizard is used to patch the SSL files.

POPFile 0.22.0, 0.22.1 and 0.22.2

The Windows installers for 0.22.0, 0.22.1 and 0.22.2 cannot download the necessary SSL Support components so a separate POPFile SSL Setup wizard (629 KB zip file) has been provided to add these extra components.

POPFile 0.22.0, 0.22.1 and 0.22.2 require old versions of the SSL Support files which are compatible with the minimal Perl used by POPFile so the SSL Setup wizard installs old SSL files instead of downloading and patching the current SSL files.

POPFile SSL Setup wizard's "/BUILTIN" mode

Since there will always be a delay between incompatible SSL files appearing on the University of Winnipeg repository and the SSL Setup wizard being updated to cope with these new files, version 0.1.7 (or later) of the wizard can install some old SSL files instead of downloading the latest versions.

These old SSL support files are compatible with POPFile 0.22.0, 0.22.1, 0.22.2, 0.22.3 and 0.22.4. To force the wizard to install these old files instead of downloading the latest files from the University of Winnipeg repository use the command

addssl.exe /BUILTIN

Cross-Platform Version of POPFile

If you need SSL support and have a full Perl installation, you need to install the following additional Perl modules:

  1. IO::Socket::SSL (IO-Socket-SSL.ppd)
  2. OpenSSL (should install automatically with above packages)
  • Note for non-Windows users (e.g. Mac OS X v10.4.2, SuSE 9.0): if your system has IO::Socket::SSL v0.97 or v0.99 you may need to update to IO::Socket::SSL v0.991 or later, or revert to IO::Socket::SSL v0.96 to get POPFile's SSL support to work properly. The current version (v1.18) of IO::Socket::SSL is compatible with POPFile.

Email Client configuration

After adding the necessary SSL files to the POPFile installation the email client can be configured to make POPFile use SSL. In your email client change the username to host:995:username:ssl. If you are using 0.22.3 or later you can change the username to host:username:ssl (i.e. just add ':ssl' to the normal value for POPFile-enabled accounts).

Please note that the SSL connection is between POPFile and the mail server, so do not configure the email client to use SSL for this account (POPFile will not accept an SSL connection from your email client). If you previously had your email client set to make an SSL connection to the server you must turn that off.

Note: Windows users should disable forking (this is the default setting) when using SSL connections. If you have enabled forking you can disable it by one of the following:

  • changing the “Allow concurrent POP3 connections” setting from “Yes” to “No” on the Configuration page
  • changing the “pop3_force_fork” parameter on the Advanced page in the UI from “1” to “0”
  • shutting down POPFile and editing the “pop3_force_fork” setting in the popfile.cfg file (0 = disabled)

See also:

 
faq/ssl.1228328391.txt.gz · Last modified: 2008/12/03 19:19 (external edit)

Should you find anything in the documentation that is incomplete, unclear, outdated or just plain wrong, please let us know and leave a note in the Documentation Forum.

Recent changes RSS feed Donate Driven by DokuWiki
The content of this wiki is protected by the GNU Fee Documentation License