Using Stunnel

Stunnel is a free SSL proxy server that provides SSL services to Windows programs. Stunnel is easy to install, very robust, and functions transparently with very little overhead.

Stunnel is required by SEE application programs when connecting to an email server that requires SSL services such as Gmail, Hotmail, and Yahoo.

If you are using SEE version 7.0 (or above), once downloaded & unzipped, Stunnel can be configured and controlled automatically without any user intervention. See http://www.marshallsoft.com/stunnel_auto.htm

Using Stunnel Manually

The recommended way to use Stunnel is to add it to your Windows program Startup list on each computer that requires SSL services.

Step 1: Download Stunnel

Stunnel may be downloaded from http://www.stunnel.org/download/binaries.html
or from ftp://ftp.marshallsoft.com/pub/stunnel/stunnel.zip

Step 2: Install Stunnel

Run the downloaded Stunnel installation program. The recommended installation directory is "c:\stunnel".

Step 3: Stunnel Configuration File

There are four Stunnel configuration files provided: config(gmail).txt, config(hotmail).txt, config(yahoo).txt, and config(microsoftonline).txt. Copy these configuration files from the APPS directory to your Stunnel directory c:\stunnel.

Gmail Configuration File 'config(gmail).txt'

; SMTP/POP3 Configuration for SEE/Gmail
; Stunnel must be running on same machine as SEE
output = gmail.log
; show STUNNEL on task bar ? (yes/no)
taskbar = yes
cert = stunnel.pem
client = yes
[ssmtp]
accept = 8001
connect = smtp.gmail.com:465
[spop3]
accept = 9001
connect = pop.gmail.com:995


Hotmail Configuration File 'config(hotmail).txt'

; SMTP/POP3 Configuration for SEE/Hotmail
; Stunnel must be running on same machine as SEE
output = hotmail.log
; show STUNNEL on task bar ? (yes/no)
taskbar = yes
cert = stunnel.pem
client = yes
[ssmtp]
accept = 8002
connect = smtp.live.com:587
protocol = smtp
[spop3]
accept = 9002
connect = pop3.live.com:995


Yahoo Configuration File 'config(yahoo).txt'

; SMTP/POP3 Configuration for SEE/Yahoo
; Stunnel must be running on same machine as SEE
; Requires Yahoo's "Mail Plus"
output = yahoo.log
; show STUNNEL on task bar ? (yes/no)
taskbar = yes
cert = stunnel.pem
client = yes
[ssmtp]
accept = 8003
connect = plus.smtp.mail.yahoo.com:465
[spop3]
accept = 9003
connect = plus.pop.mail.yahoo.com:995


Microsoftonline Configuration File 'config(microsoftonline).txt'

; SMTP/POP3 Configuration for SEE/Microsoftonline
output = microsoftonline.log
; show STUNNEL on task bar ? (yes/no)
taskbar = yes
cert = stunnel.pem
client = yes
[ssmtp]
accept = 8004
connect = smtp.mail.microsoftonline.com:587
protocol = smtp
[spop3]
accept = 9004
connect = pop.mail.microsoftonline.com:995


(Let us know if you require a configuration file for a different TLS/SSL email server)

Examine the Stunnel configuration files. Note that they do not contain any user names or passwords. Also note the "accept =" port numbers that are used to communicate with SEE. For example, in config(gmail).txt, the SMTP port is 8001 and the POP3 port is 9001. These same port numbers must be passed to seeSmtpConnectSSL and seePop3ConnectSSL. See the MailSSL and ReadSSL example programs.

Note the "taskbar = yes" entry. If you do not want the Stunnel icon to be displayed on the Windows taskbar, change this entry to "taskbar = no".

If you are using another email server that requires SSL services, create a new Stunnel configuration file. You will need to know the server name and port used by the particular email service. Choose unique communication ports. For example, 8004 for SMTP and 9004 for POP3.

Step 4: Starting Stunnel

There are several ways that Stunnel can be started, although the recommended way is to put it in the StartUp list so that it is started automatically each time your computer is booted. Stunnel does not take much memory and uses CPU only when being used.

Stunnel can always be started manually by using the Windows "Run" icon or typing (for Gmail) c:\stunnel\stunnel config(gmail).txt

Step 5: Adding Stunnel to Startup List

First, create a shortcut to Stunnel by right-clicking on your desktop and clicking "New" then "Shortcut". For example, for Gmail, enter

c:\stunnel\stunnel config(gmail).txt

in the box displayed. Name it "StunnelGmail".

For Windows XP;

• 1. Double-click "My Computer".
• 2. Double-click the Local Drive (C:) icon.
• (if you see "these files and folders are hidden", click "view these now")
• 3. Scroll down to the "Documents and Settings" folder.
• 4. Double-click it.
• 5. Double-click "All Users"
• 6. Double-click "Start Menu"
• 7. Double-lick "Programs"
• 8. Double-lick "Startup"
• 9. Drag the Stunnel shortcut into "Startup" window.

For Windows Vista and Windows 7

• 1. Right-click "Start" button
• 2. Left-click "Explore All Users"
• 3. Double-click "Programs"
• 4. Scroll down until you see the folder labeled "Startup"
• 5. Double-click it to open its contents window
• 6. Drag the Stunnel shortcut into "Startup" window.

Stunnel will now be started each time your computer is booted. If more than one SSL enabled server will be used (say both Gmail and Hotmail), multiple copies of Stunnel may be started, each with its unique configuration file.