How can we help?

Watch this space: Upcoming Help Centre Migration


IMAPs / POP3s support for the Webmail client

Nathan Salt -


Add SSL to IMAP and POP3 via transparent proxy


  • On-Premise Server + WebMail Installations: Version 6.0 > Current Version
  • Webmail Only Installations: Version 6.0 > Current Version


Add SSL to IMAP and POP3 via transparent proxy


The following article explains how to add IMAPs or POP3s support to the webmail client via a transparent proxy. This solution requires that the webmail client is hosted on Linux with iptables support or that you have a Linux/iptables gateway to intercept the outbound connections.
The proxying is done via Stunnel.

Get and install stunnel on the server that is running @Mail from RedHat based distro's may be able to do a 'yum install stunnel'.

The proxy, although transparent is not dynamic i.e. each external mail server that needs to be contacted has to be added manually to the configuration.

Edit stunnel.conf (/etc/stunnel/stunnel.conf) and add the protocol (imaps or pop3s) and the external mail server as follows:

client = yes
accept =
delay = yes
connect =
accept =
connect =

Start stunnel with the following command:

stunnel /etc/stunnel/stunnel.conf

In the example stunnel configuration above we are saying that stunnel is acting as a client, and that it will accept IMAP connections on the localhost port 6100 and proxy those connections to via IMAPs (port 993) and is doing the same for POP3s.

Now we need to add the iptables rules to intercept any connections destined for on either the IMAP port (143) or the POP3 port (110) and forward them to the appropriate stunnel port (6100 or 6101)

# IMAPs proxy for

iptables -t nat -A OUTPUT -p tcp -d --dport 143 -j DNAT --to

# POP3s proxy for

iptables -t nat -A OUTPUT -p tcp -d --dport 110 -j DNAT --to

I add these rules to rc.local so I can easily manage them. To add additional hosts add another entry in stunnel.conf using a unique port on the accept line. Starting at 6100 I keep incrementing from there.


Contact our support team

+61 (7) 5357 6605