Encryption tool: four steps to solve the mail server (1)

The SSL (Secu rity Socket Layer) Protocol was designed and developed by Netscape to provide user and Server Authentication and encrypt and hide transmitted data; ensuring that data is not changed during transmission (that is, data integrity) has become a global standard in this field.

Stunnel is a TCP connection tool that can encrypt network data. It can work on Unix, Linux, and Windows platforms and uses Client/Server mode to encrypt network data on CIient using SSL, it is securely transmitted to the specified Server for decryption and restoration, and then sent to the accessed Server.

StunneI solves the problem that SSL cannot encrypt the data transmitted by existing applications. Before the emergence of Stunnel, to achieve secure data transmission, you can only improve security by adding SSL code to the application. Stunnel is based on OPenSSL, so OpenSSL must be installed and configured correctly. Stunnel can protect server software that does not enable SSL without modifying the daemon code. For example, you can use Stunnel to protect POP3, SMTP, and IMAP servers. The latest version of stunneiis stunel-4.33.tar.gz. its official website is www.stunnel.org.

1. Install and compile Stunnel

StunneI installation is very simple, and I am not redundant here. Use the following command to install StunneI:

# Wget http://www.stunnel.org/download/stunnel/src/stunnel-4.33.tar.gz

# Tar zxvf stunel-4.33.tar.gz

#./Configure; make install

Figure Stunnel Working Principle

Below we use Stunnel to encapsulate some popular email servers.