mutt
.
mutt
offer SSL-encrypted email sessions.
POP
and IMAP
protocols pass authentication information unencrypted, it is possible for an attacker to gain access to user accounts by collecting usernames and passwords as they are passed over the network.
IMAP
and POP
have known port numbers (993
and 995
, respectively) that the MUA uses to authenticate and download messages.
IMAP
and POP
users on the email server is a simple matter.
Avoid using self-signed certificates
IMAP
or POP
, change to the /etc/pki/dovecot/
directory, edit the certificate parameters in the /etc/pki/dovecot/dovecot-openssl.conf
configuration file as you prefer, and type the following commands, as root
:
dovecot]#rm -f certs/dovecot.pem private/dovecot.pem
dovecot]#/usr/libexec/dovecot/mkcert.sh
/etc/dovecot/conf.d/10-ssl.conf
file:
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem ssl_key = </etc/pki/dovecot/private/dovecot.pem
systemctl restart dovecot.service
command to restart the dovecot
daemon.
stunnel
command can be used as an SSL encryption wrapper around the standard, non-secure connections to IMAP
or POP
services.
stunnel
utility uses external OpenSSL libraries included with Fedora to provide strong cryptography and to protect the network connections. It is recommended to apply to a CA to obtain an SSL certificate, but it is also possible to create a self-signed certificate.
Installing the stunnel package
stunnel
, first ensure the stunnel package is installed on your system by running, as root
:
yum install stunnel
/etc/pki/tls/certs/
directory, and type the following command:
certs]# make stunnel.pem
stunnel
configuration file, for example /etc/stunnel/mail.conf
, with the following content:
cert = /etc/pki/tls/certs/stunnel.pem [pop3s] accept = 995 connect = 110 [imaps] accept = 993 connect = 143
stunnel
with the created configuration file using the /usr/bin/stunnel /etc/stunnel/mail.conf
command, it will be possible to use an IMAP
or a POP
email client and connect to the email server using SSL encryption.
stunnel
, refer to the stunnel
man page or the documents in the /usr/share/doc/stunnel/
directory.