I've been considering using Real Basic to write The Great American Mail Handler (a cousin of the Great American Novel), but the inexpensive Personal Edition doesn't come with SSL. What a pain. Is there any serious email provider that doesn't use secure sockets at this point? So if I'm going to test against a real server, I'd really kind of need SSL support, and I'm not paying $200 up front for a hobbyist project.

Enter stunnel, a *NIX package (also compiled into a service for Windows) that securely wraps a tunnel from your box to another. Instant https, POP3 with SSL, SMTP, you name it.

How difficult is it to set up? I spent an evening hacking, and after a few dumb mistakes, found out. Here's my post to the Real Basic user group mailing list.

> Yep, I think the stunnel package I'd mentioned a while back
> is going to be the way to go while developing.

Yeah, wow, that was easy. Forgive me for the bytes, but I figured I'd log
directions here in case someone Googles this thread up. I should add that
I'm using a Mac.

Download stunnel with GUI overlay from here:
http://www-act.ucsd.edu/downloads/SSLEnabler.dmg

Drag the SSL Enabler to Applications and start it up. Authenticate. Have
SSL Enabler install stunnel. It crashed on me then. No big deal.

Restart if it crashed, click Authenticate, and set up a Local Port for POP3
(say 1109), type "pop.gmail.com" (if you're using a Gmail account) as the
Remote Server IP, then 995 as the Remote Port, as 995 is the standard POP3
port for SSL connections.

Here's a catch -- and I've written utilities this sloppy before, I'm afraid
-- you have to have focus leave the Remote Port blank to make sure it
registers your change. Otherwise it sometimes records the default 9999
value. So change focus back to the Local Port or Remote Server IP entry
before clicking save.

Open a term window. Enter the following:

ps ax | egrep stun | egrep -v egrep

Hit return. You should see your stunnel there. For instance:

10526 ?? Ss 0:00.01 /usr/local/sbin/stunnel -c -d 1109 -r pop.gmail.com:995

Now you can, for kicks, test out that things are working by telnetting into
Gmail's pop server. Ensure you've enabled POP in your test gmail account.
Note that this is different from enabling IMAP. If you enabled IMAP in the
past, make sure you go back in and do the same for POP. (Yes, personal
experience here. Stoopid.)

So things starting with + came from Google, and stuff before those + lines
are the stuff you'll type.

$ telnet 127.0.0.1 1109
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
+OK Gpop ready for requests from [your IP and other info]
user yourUserNameWith@gmail.com
+OK send PASS
pass yourPassword
+OK Welcome.
list
+OK 159 messages (1621817 bytes)
1 2935
2 2764
3 2456
....
retr 2
+OK message follows
MIME-Version: 1.0
Received: by 10.147.34.3; Sun, 2 Jan 2011 14:22:40 -0800 (PST)
Date: Sun, 2 Jan 2011 14:22:40 -0800
....
rset
+OK
quit
+OK Farewell.

Make sure you use "rset" to reset the POP server's state if you're testing.
You'll want the emails to stay "current" so that they show up on your next
LIST. If you don't, they've been permanently POPped, and the server won't
show them to you again without fiddling with Gmail's Mail Settings. (This,
of course, is a large part of why IMAP rocks. POP really is just the Post
Office shoving new stuff you haven't received into your mailbox and washing
their hands of the whole mess.)

In a Real Basic app, you'd start things off with code like this, perhaps in
your main window's Open() subroutine:

Socket1.Port = 1109
Socket1.Address = "127.0.0.1" ' with stunnel

Socket1.username = "yourUserNameWith@gmail.com"
Socket1.password = "yourPassword"

Socket1.Connect

To reset the server while you test and then disconnect, drop this into the
window's Close() sub:

Socket1.RollbackServer ' equivalent of RSET in telnet
Socket1.DisconnectFromServer ' QUIT

As long as you fire up SSL Enabler each time you start up your Mac and enter
in the stunnel, you can code away with the Personal POP3Socket against POP3
servers that require SSL, without the 5 minute warning some Zymail folk were
apparently slogging through as they tested builds without Professional.
Then write the great American novel and change over to POP3SecureSocket
years later once you've slain the whale. I think all you'd hack at that
point would be your Socket.Address from 127.0.0.1 to, in Gmail's case,
pop.gmail.com, the Port from 1109 (or whatever you stunneled) to 995, and
then you'd add these two lines in your window's Open():

Socket1.ConnectionType = POP3SecureSocket.SSLv23
Socket1.Secure = true

There's $200 "saved". ;^) (More accurately, there's $100 /spent/ on the
Personal Edition. Fun nighttime project.)

Thanks for your patience.
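
Added example (not part of the original post): a POSIX shell check of the stunnel command line shown in the ps output above. In stunnel 3.x syntax, -d with a bare port listens on every interface and the absence of -v means the server certificate is not verified, so the plaintext POP3 login on port 1109 is reachable from other hosts and the SSL leg is unauthenticated. The function name, the hardened sample line and its CA bundle path are constructed placeholders.

```shell
#!/bin/sh
# Added example: audit stunnel 3.x-style client command lines as printed by ps.
# Uses the post's flags (-c -d -r) plus -v (verify level) and -A/-a (CA file/dir).

# First line is the ps output from the post; the second is a constructed
# hardened variant (the CA bundle path is a placeholder).
PAGE_LINE='10526 ?? Ss 0:00.01 /usr/local/sbin/stunnel -c -d 1109 -r pop.gmail.com:995'
HARDENED_LINE='10527 ?? Ss 0:00.01 /usr/local/sbin/stunnel -c -d 127.0.0.1:1109 -r pop.gmail.com:995 -v 2 -A /path/to/ca-bundle.pem'

# Prints one finding per line; exit status is 1 if anything was flagged.
# The body is a subshell, so set -f and the variables stay local.
audit_stunnel_cmd() (
    set -f                          # no globbing: ps output contains "??"
    listen="" verify="" ca="" prev="" found=0
    for arg in $1; do               # deliberate word splitting into flags
        case "$prev" in
            -d)    listen=$arg ;;
            -v)    verify=$arg ;;
            -A|-a) ca=$arg ;;
        esac
        prev=$arg
    done
    case "$listen" in
        127.0.0.1:*|localhost:*) ;;  # loopback only
        "") echo "LISTEN: no -d option found"; found=1 ;;
        *)  echo "LISTEN: -d $listen is not loopback-only; use 127.0.0.1:${listen##*:}"
            found=1 ;;
    esac
    case "$verify" in
        2|3) [ -n "$ca" ] || { echo "CA: -v $verify given without -A/-a"; found=1; } ;;
        *)   echo "VERIFY: server certificate not required or checked; add -v 2 and -A"
             found=1 ;;
    esac
    exit "$found"                   # ends the subshell, not the caller
)

for line in "$PAGE_LINE" "$HARDENED_LINE"; do
    echo "== $line"
    audit_stunnel_cmd "$line" || true
done
```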
