Pegasus Mail (POP3) and SSL HOWTO

Stop the Presses! Pegasus Mail versions 4.11 and greater now support SSL internally, the following instructions are now deprecated. However, they're still valid for people using versions previous to 4.1.

Table of contents

• Gathering Software
• Setup
• Using
• Links

Gathering Software

• Pegasus Mail - (using version 3.12c)
• stunnel - (using version 3.22)
• Version 4 is out, see the links section for a walkthroughs. Either version does the job.
• Batch files

Setup

stunnel setup

1. Download the latest 3.X Windows binary. Massive changes in version 4 are not documented.
• I recommend saving it in the same directory as Pegasus Mail.
• The filename is convoluted with the version number. Rename it to stunnel for ease of use.


2. Download the two pre-compiled SSL libraries (near the bottom of the page with the stunnel binary) into the windows/system/ or winnt/system32/ directory.
• If you miss these files ssltunnel will not work


3. Drop to an MS-DOS box (command prompt), change to the Pegasus Mail directory, and execute this command:
   • stunnel -c -d 110 -r Your_UW_NetID.deskmail.washington.edu:995
   • You'll need to change the line, perhaps dropping the first part of the address, if your mail server is outside of the UW
   • Replace Your_UW_NetID with, well, Your UW NetID.

You should see something similar to:

2001.11.27 18:48:17 LOG5[16362823:16463459]: Using 'Your.UW.NetID.deskmail.washington.edu.995' as tcpwrapper service name 2001.11.27 18:48:18 LOG5[16362823:16463459]: stunnel 3.22 on x86-pc-mingw32-gnu WIN32 with OpenSSL 0.9.6b 9 Jul 2001 2001.11.27 18:48:18 LOG5[16362823:16463459]: FD_SETSIZE=4096, file ulimit=-1 (unlimited) -> 2000 clients allowed

Minimize the window and continue to the next step.

Pegasus Mail setup

Note: Even with the secure connection mail can not be sent to a non-UW address from a non-UW IP address:

Due to abuse of the UW email server systems by people relaying junk email we were forced to disallow relay of email unless the sender is directly connected to the UW network or if the recipient's address on the message is at the UW.

One Of These Days the UW will get around to enabling authenticated SMTP services. Until then, either dial-in to the modem pool, use SSH, or use your non-UW ISP as the outgoing mailhost.

Using

1. stunnel + Pegasus Mail
• Use this file when stunnel isn't started and you want immediate access to Pegasus. After launching, stunnel will remain minimized in the taskbar. Run Pegasus from its normal icon after exiting this first instance.
• Remember to edit the file to reflect your UW NetID and Pegasus Mail user ID.
2. stunnel only
• Useful in the StartUp folder. This launches stunnel in a minimized state but doesn't call Pegasus.
• Remember to edit the file to reflect your UW NetID.

Or download this ZIP file with both batch files.

If you get annoyed at the stunnel box taking up room in the taskbar, download TrayIt!, a great freeware application that sends (almost) any window to the system tray.

Links

• stunnel 4.x configuration file
• Instructions and a sample stunnel config file from Leslie Viljoen
• http://www.econ.duke.edu/~simpona/pmail-stunnel/pmail-stunnel.html
• Instructions for setting up stunnel 4.x from Patrick Daniels.
• http://www.cs.cf.ac.uk/System/intro/16/node1.html
• Mostly geared towards using Pegasus with IMAP.
• http://www.uni-freiburg.de/rz/pc/software/stunnel/
• In German, but lots of great information.
• http://www.washington.edu/computing/security/central.html
• All about the UW's secure software effort.
• stunnel and NNTP (USENET)
• Want USENET? Off-campus? Problem solved!

Last updated: 30 April 03
Questions/Comments
Return Home