Chip's Stunnel Configuration file

Mon, 22 Nov 2004 21:15:07 -0500

Below is my stunnel.conf file. Snip between the lines of hyphens.

I use this file for connecting to AT&T Worldnet service through my DSL connection. With Blat, I tell it the server is, port 25. As can be seen, stunnel is configured to accept connections on port 25, then route them to AT&T on port 465 using encryption. The encryption layer is required to connect with AT&T when not on an AT&T dial-up number.

My email clients connect to POP3 on port 111, which is connected to SpamAssassin, and that is then connected to stunnel on port 110; this provides the encrypted link back to AT&T to retrieve email.

Additionally, I have a pop3 server program I wrote specifically to test spam filter rules. One of the ports assigned to SpamAssassin is forwarded to my pop3 server so I can pump in thousands of emails to test the effectiveness of my filter rules in SpamAssassin. The flow is email client using test account connects to, which is SpamAssassin; which in turn connects to, this being my pop3 server. As I alter my filters, I can rerun as many messages as I choose.


CAfile = CAcert.pem
cert = client.pem
client = yes
output = stunnel.log
RNDfile = .rnd

[att smtp]
accept = 25
connect =

[att pop3]
accept = 110
connect =

[att nntp]
accept = 119
connect =