[VM] VM / stunnel4 / STARTTLS documentation

Discussion:

Matthew Vernon

2012-03-01 14:44:22 UTC

Hi,

I wonder if the documentation could be enhanced a little? I spent quite
some time figuring this out, and a quick note in the docs would have
saved me some pain.

Essentially, if your IMAP server does STARTTLS on port 143, you have to
tell stunnel to do this, otherwise nothing works (it quits returning 0,
and VM says there's an IMAP problem). This is readily achieved by
creating a little file containing the single line:
protocol = imap
and setting vm-stunnel-program-additional-configuration-file
appropriately.

It's far from obvious that this is the case, so maybe a short note in
the vm-IMAP instructions could be added to this effect?

Thanks,

Matthew

--
`O'-----0 `O'---. `O'---. `O'---.
\___| | \___|0-/ \___|/ \___|
| | /\ | | \ | |\ | |
The Dangers of modern veterinary life

Uday Reddy

2012-03-01 19:30:06 UTC

Permalink

Post by Matthew Vernon
Hi,
I wonder if the documentation could be enhanced a little? I spent quite
some time figuring this out, and a quick note in the docs would have
saved me some pain.

Sorry, we can't put it in the docs. The VM manual can only describe VM, not
how to configure stunnel, which is an independent program.

On the other hand, this kind of stuff can go on EmacsWiki, and anybody can
put things in there.

Post by Matthew Vernon
Essentially, if your IMAP server does STARTTLS on port 143, you have to
tell stunnel to do this, otherwise nothing works (it quits returning 0,
and VM says there's an IMAP problem). This is readily achieved by
protocol = imap
and setting vm-stunnel-program-additional-configuration-file
appropriately.

What I can do is add mention of the stunnel additional-configuration-file
variable in the manual, which should have been there in the first place. On
the other hand, I don't know what else to say there other than to summarise
the doc string. (Actually, I see that the doc string is self-contradictory
too. Sigh..) If somebody can contribute some text that I can put in the
manual, I would appreciate it.

Cheers,
Uday

Matthew Vernon

2012-03-01 19:45:22 UTC

Permalink

Post by Uday Reddy
Sorry, we can't put it in the docs. The VM manual can only describe VM, not
how to configure stunnel, which is an independent program.

Up to a point, lord copper. You clearly can't describe every possible
configuration but given stunnel is the suggested tool (and STARTTLS
hardly uncommon), a small hint wouldn't cost many bits...

Post by Uday Reddy
On the other hand, this kind of stuff can go on EmacsWiki, and anybody can
put things in there.

"*Name of a configuration file the contents of which are appended to the
file VM writes to configure stunnel version 4 or later.

Stunnel (versions 4 and later) is configured by a file, not command-line
options. VM builds a suitable file for each instance of stunnel that it
runs; if this variable is non-nil, then the contents of the file named
are appended to the file VM builds. The manual for stunnel4 describes
all the configuration options you can set in this file; the "protocol =
imap" option will enable STARTTLS, for example."

?

Regards,

Matthew

--
`O'-----0 `O'---. `O'---. `O'---.
\___| | \___|0-/ \___|/ \___|
| | /\ | | \ | |\ | |
The Dangers of modern veterinary life

Reinhard Kotucha

2012-03-02 01:38:51 UTC

Permalink

Post by Matthew Vernon

Post by Uday Reddy
Sorry, we can't put it in the docs. The VM manual can only
describe VM, not how to configure stunnel, which is an
independent program.

Up to a point, lord copper. You clearly can't describe every
possible configuration but given stunnel is the suggested tool (and
STARTTLS hardly uncommon), a small hint wouldn't cost many bits...

Something like the "SEE ALSO" entry in manual pages? I wouldn't go
any further because it's too hard to keep things in sync.

Regards,
Reinhard

--
----------------------------------------------------------------------------
Reinhard Kotucha Phone: +49-511-3373112
Marschnerstr. 25
D-30167 Hannover mailto:***@web.de
----------------------------------------------------------------------------
Microsoft isn't the answer. Microsoft is the question, and the answer is NO.
----------------------------------------------------------------------------

Uday Reddy

2012-03-02 09:17:29 UTC

Permalink

Post by Matthew Vernon

Post by Uday Reddy
Sorry, we can't put it in the docs. The VM manual can only describe VM, not
how to configure stunnel, which is an independent program.

Up to a point, lord copper. You clearly can't describe every possible
configuration but given stunnel is the suggested tool (and STARTTLS
hardly uncommon), a small hint wouldn't cost many bits...

This is not a question of bits. stunnel is a separate program, maintained
independently. We can't take responsibility for how it should be configured
in the VM manual. stunnel can change on its own and we have no control over
it.

The unfortunate fact of the Unix world is that the users are expected to put
together a number of components and figure out how to configure them so that
they can work together. It is a pain, and it is not ideal, but that is Unix
for you. What can I say?

Each of the components should be telling you how to interface with the other
components. Other than that, Linux distributions help out the users with
putting together components. Or, there is the web. So, EmacsWiki is where
this kind of information should go. And, the VM user community should be
maintaining it more actively than it has been.

Your IMAP provider should also be telling you how to configure tools like
stunnel. Why are they using port 143 for IMAP-SSL anyway? Port 993 is the
standard for secure IMAP.

Cheers,
Uday