Подключаем ssl к DBMail с помощью stunnel.
cat /etc/default/dbmail
# comment out to enable the stunnel SSL wrapper
#START_SSL=true
# specify the filename for the pem file as
# it resides in /etc/ssl/certs
#PEMFILE="mail.smeegul.kiev.ua.pem"
cat /etc/dbmail/dbmail.conf
#
# SSL/TLS certificates
#
# A file containing a list of CAs in PEM format
tls_cafile =
# A file containing a PEM format certificate
tls_cert =
# A file containing a PEM format RSA or DSA key
tls_key =
# A cipher list string in the format given in ciphers(1)
#tls_ciphers =
#все tls порты закомментированы
#tls_port =
cat /etc/stunnel/pop3s.conf
CAfile = /etc/stunnel/ca.crt
cert = /etc/stunnel/mail.smeegul.kiev.ua.crt
key = /etc/stunnel/mail.smeegul.kiev.ua.key
session = 14400
TIMEOUTidle = 14400
[pop3s]
accept = 192.168.56.110:995
connect = 192.168.56.110:110
cat /etc/stunnel/imaps.conf
CAfile = /etc/stunnel/ca.crt
cert = /etc/stunnel/mail.smeegul.kiev.ua.crt
key = /etc/stunnel/mail.smeegul.kiev.ua.key
session = 14400
TIMEOUTidle = 14400
[imaps]
accept = 192.168.56.110:993
connect = 192.168.56.110:143
wget http://security.debian.org/debian-security/pool/updates/main/o/openvpn/openvpn_2.2.1-8+deb7u5_amd64.deb
1.0/
cat openssl.cnf
default_md = sha512 # which md to use.
. vars
./clean-all
./build-ca
./build-dh
./build-key mail.smeegul.kiev.ua
cat /root/check_ms_r_stunnel.sh
#!/bin/bash
#
#
#
#set -x
ps axu |grep -i stunnel |grep "/etc/stunnel/pop3s.conf" |grep -v "grep /etc/stunnel/pop3s.conf" >/dev/null 2>/dev/null
if [ "$?" -ne "0" ];then
netstatapn=`netstat -apn`
psaxu=`ps axu`
echo -e "${netstatapn}\n\n\n\n${psaxu}" |mail -s"MS: stunnel pop3s" p.gaidai@ukr.net
stunnel /etc/stunnel/pop3s.conf &
fi
...
Используемые материалы:
интернет
Автор: smeegul
17.04.2018 16:09