Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - POP2Exchange
  3. Articles

MailEssentials | Configure POP2Exchange to download emails from Gmail or other mail servers using TLSv1.2

Answer

PROBLEM

POP2Exchange fails to download emails from Gmail or other mail providers due to obsolete SSL protocol.

ENVIRONMENT

  • GFI MailEssentials 21.2 and earlier versions
  • Server 2012 and above

SOLUTION

GFI MailEssentials POP2Exchange is able to download emails from Gmail with the use of third party products. 
 
A. Ensure that you have enabled POP3 on your Gmail Accounts (for more information, please refer to: http://mail.google.com/support/bin/answer.py?hl=en&answer=13273) or other mail server
 
B. Download both Stunnel and OpenSSL
  1. Download the Microsoft Windows binary for Stunnel from the here
  2. Download OpenSSL 1.1.0h Light or newer, to obtain the required SSL DLL files required, from here
C. Install and Configure OpenSSL
  1. Run the OpenSSL installation and follow the wizard to complete the installation.
  2. Leave the default settings in place and when reaching the point were to install the OpenSSL dlls, make sure to select Windows system directory
D. Install and configure Stunnel
  1. Run the Stunnel installation and follow the wizard to complete the installation. When the cmd opens and asks for company information, it can be skipped by pressing enter.
  2. Browse to the Stunnel installation directory (default <\Program Files\Stunnel\config>)
  3. Open the stunnel.conf using Microsoft Notepad and edit the configuration files as follows:
Under 'Example TLS Client mode services' add or edit the following:
----------------------
[nameOfService]
client = yes
accept = 127.0.0.1:110
connect = UrlOfMailServer:portNumber
---------------------
 
The other default ones can be removed to not cause a port conflict with other services.
Example of how it can look like:
stunnel example
        4. Close and save the configuration file
        5. Run the stunnel.exe executable in the Stunnel directory
 
E. Configure GFI MailEssentials POP2Exchange
Open POP2Exchange Configuration and select "Add". In MailEssentials 2012, this will be listed under the Email Management Tools.
Add each Gmail account you wish to download the messages from with the following settings:
  1. POP3 Server: 127.0.0.1 (or the server running Stunnel if it is not running on the local host)
  2. Select port 110 (same as the one configured in the "accept" statement in the .conf file)
  3. Login: username@gmail.com
  4. Password: enter the password of the gmail account
  5. Select "Send mail to alternate address" and enter the destination email address in the above box.
  6. Disable SSL option (it will not work if this is not unchecked)
  7. Click "Update" and hit save at the top.
  8. Click "Force Download"
F. GFI POP2Exchange will now connect to the server running Stunnel and use this SSL\TLS connection to download the email messages from the configured Gmail accounts or other mail servers that do not allow weak protocols.
Testing the setup, we should see Wireshark reporting TLSv1.2:
TLS1.2 in Wireshark using stunnel
 
Note: External links are selected and reviewed when the article is written and published. However, GFI Software is not responsible for the content of external websites.

CAUSE

Wireshark traces show POP3 trying to communicate with mail servers using a weaker protocol.
Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted
  3. Updated

Comments