07 Agustus 2007

Ngepop Email Dari Gmail & Gmail Hosting

1. Persiapan aplikasi yg dipake:
 - Install OpenSSL
# cd /usr/ports/security/openssl
# make install USE_NONDEFAULT_X11BASE=yes
# make clean USE_NONDEFAULT_X11BASE=yes
- Install fetchmail pastikan support SSL.
# cd /usr/ports/mail/fetchmail
# make install USE_NONDEFAULT_X11BASE=yes
# make clean USE_NONDEFAULT_X11BASE=yes
- Install mutt.
# cd /usr/ports/mail/fetchmail
# make install USE_NONDEFAULT_X11BASE=yes
# make clean USE_NONDEFAULT_X11BASE=yes
- Install maildrop.
# cd /usr/ports/mail/maildrop
# make install USE_NONDEFAULT_X11BASE=yes
# make clean USE_NONDEFAULT_X11BASE=yes
- Install ssmtp.
# cd /usr/ports/mail/ssmtp
# make USE_NONDEFAULT_X11BASE=yes
Modifikasi biar sedikit tampil lebih gaya:
# cd /usr/ports/mail/ssmtp/work/ssmtp-2.61
# vim ssmtp.c
  ...
  smtp_write(sock,
  "Received: by %s (sSMTP by Internet and Game PC Kumprang); %s", hostname, arpadate);
  ...
# make install USE_NONDEFAULT_X11BASE=yes FORCE_PKG_REGISTER=yes
# make clean USE_NONDEFAULT_X11BASE=yes
2. Pengechekan dan konfigurasi:
# openssl version
OpenSSL 0.9.7d 17 Mar 2004
# fetchmail -V
...
This is fetchmail release 6.3.8+RPA+SDPS+SSL+OPIE+NLS.
...
# cat /usr/local/etc/ssmtp/ssmtp.conf
root=postmaster
mailhub=smtp.gmail.com:465
rewriteDomain=indofreebsd.or.id
hostname=mx1.kumprang.com
FromLineOverride=YES
UseTLS=YES
3. Pembuatan hash sertifikat untuk GMAIL:
 - Pertama-tama kita check gmail sertifikat terlebih dahulu:
$ openssl s_client -connect pop.gmail.com:995 -showcerts
CONNECTED(00000003)
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=pop.gmail.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority G2
-----BEGIN CERTIFICATE-----
MIIEfjCCA2agAwIBAgIIc6+f0G5AAmEwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTcwMzA5MDIxOTAwWhcNMTcwNjAxMDIxOTAw
WjBnMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEWMBQGA1UEAwwNcG9w
LmdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANQWel+P
tZJMDO5GLIL11CxxLCbG9VF1JNh8l4KQksGki+UyAByxWgxRPwCkwizTv9O5exTx
hv2lAkhgrbDPRZZy+luaa+rbTcByvmxTGbM8GaQqjFP2gdXloWitbzQndhRAXIv2
y6ByG1NZiuj3bhxT2DnCBlhlajdWfSzkKJZOQ+LK4qfVWFigQykxOfLwU1luO1dN
sEE9HwuTSm4FQVzqwCmmuRNQxeTU731Nlu9J7O5e1p8PId7+79baMQ+CFAhSO28D
uFz/7CCS+gjfd5kMpryNydEQJbElwMUILmHn/HfGRJPqpv++ncxhUT7HyoE3X0va
Ou0frknAIJewQ9UCAwEAAaOCAUowggFGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjAYBgNVHREEETAPgg1wb3AuZ21haWwuY29tMGgGCCsGAQUFBwEBBFww
WjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29tL0dJQUcyLmNydDAr
BggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5jb20vb2NzcDAdBgNV
HQ4EFgQUaEXyUuABRO2N/eyuBvKTjvcRw4MwDAYDVR0TAQH/BAIwADAfBgNVHSME
GDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAhBgNVHSAEGjAYMAwGCisGAQQB1nkC
BQEwCAYGZ4EMAQICMDAGA1UdHwQpMCcwJaAjoCGGH2h0dHA6Ly9wa2kuZ29vZ2xl
LmNvbS9HSUFHMi5jcmwwDQYJKoZIhvcNAQELBQADggEBAAOVpxxXr1HH0Go+nlOI
e8zvrKbI/kpynd6RnXtpGHnJ34ROJm6DSE9t8JqjfXUs+Uh5seO4ebK7IUgu7guL
rq8y6/Lu23kRO2YFVtG+CcyauUkCUMEYqDTqnXORN/SgZkhlNbh3wAvK97drkO0W
+5rmmhYcDCag75dxiaqhnhs2Wz78jliXUFYgLmYI/8P+o77TzKZew/FrnNZZM8aO
LJBAkNGNFGUx65ihtsLN8zTxj97SvRLUEg6aQIzDI3WPVOJFg/ClJdBTOdqPEAfb
JZrAyt0TYxxpRAWGUyWgCuVt9xsmt8FoP8eG9iDTQ/1YnstJIsLzzCG6qPYPv1ei
73s=
-----END CERTIFICATE-----
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
-----BEGIN CERTIFICATE-----
MIID8DCCAtigAwIBAgIDAjqSMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
YWwgQ0EwHhcNMTUwNDAxMDAwMDAwWhcNMTcxMjMxMjM1OTU5WjBJMQswCQYDVQQG
EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy
bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP
VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv
h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE
ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ
EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC
DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB5zCB5DAfBgNVHSMEGDAWgBTAephojYn7
qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wDgYD
VR0PAQH/BAQDAgEGMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDov
L2cuc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwNQYDVR0fBC4wLDAqoCig
JoYkaHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9iYWwuY3JsMBcGA1UdIAQQ
MA4wDAYKKwYBBAHWeQIFATANBgkqhkiG9w0BAQsFAAOCAQEACE4Ep4B/EBZDXgKt
10KA9LCO0q6z6xF9kIQYfeeQFftJf6iZBZG7esnWPDcYCZq2x5IgBzUzCeQoY3IN
tOAynIeYxBt2iWfBUFiwE6oTGhsypb7qEZVMSGNJ6ZldIDfM/ippURaVS6neSYLA
EHD0LPPsvCQk0E6spdleHm2SwaesSDWB+eXknGVpzYekQVA/LlelkVESWA6MCaGs
eqQSpSfzmhCXfVUDBvdmWF9fZOGrXW2lOUh1mEwpWjqN0yvKnFUEv/TmFNWArCbt
F4mmk2xcpMy48GaOZON9muIAs0nH5Aqq3VuDx3CQRk6+0NtZlmwu9RY23nHMAcIS
wSHGFg==
-----END CERTIFICATE-----
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
-----BEGIN CERTIFICATE-----
MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw
WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE
AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m
OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu
T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c
JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR
Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz
PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm
aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM
TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g
LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO
BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv
dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB
AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL
NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W
b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S
-----END CERTIFICATE-----
---
Server certificate
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=pop.gmail.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
---
No client certificate CA names sent
---
SSL handshake has read 3238 bytes and written 432 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES128-SHA
    Session-ID: A87773B6BC8885E8A62FFDDBCEBDB3AC501D9CE1F2F568E51987E6841589986C
    Session-ID-ctx: 
    Master-Key: 78822452907D22E8C051732040DF144935917C1222DB1FCA67DA0548B974FC2AD228AF0D0B4222BA53453D8DAB10939B
    Key-Arg   : None
    Start Time: 1490021678
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---
+OK Gpop ready for requests from 110.136.134.23 u30mb12032308oof
Atau biar lebih gampang download saja: Biar default $PATH bisa digunakan untuk semua user dalam 1 box lebih baik ada simpan di /usr/src/crypto/openssl/certs/.
$ su -
# cd /usr/src/crypto/openssl/certs/
# wget --no-check-certificate -O Equifax_Secure_Certificate_Authority.pem https://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer
# chmod 644 Equifax_Secure_Certificate_Authority.pem
# openssl x509 -in Equifax_Secure_Certificate_Authority.pem -fingerprint -subject -issuer -serial -hash -noout 
SHA1
Fingerprint=D2:32:09:AD:23:D3:14:23:21:74:E4:0D:7F:9D:62:13:97:86:63:3A
subject= /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
issuer= /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
serial=35DEF4CF594f1775
# c_rehash .
# file 594f1775.*
594f1775.0: symbolic link to `Equifax_Secure_Certificate_Authority.pem'
4. File² yg diperlukan $HOME, diataranya ~/.fetchmailrc:
$ cat .fetchmailrc
poll pop.gmail.com
proto POP3
user budsz@indofreebsd.or.id
password xxxxxx
options nokeep ssl sslcertpath /usr/src/crypto/openssl/certs smtp smtp.gmail.com
mda "formail -bcYzq- | /usr/local/bin/maildrop"
$ grep "set sendmail" .muttrc
set sendmail="/home/budsz/gmail-smtp.sh"
$ cat gmail-smtp.sh
#!/bin/sh
/usr/local/sbin/ssmtp -au "budsz@indofreebsd.or.id" -ap "xxxxxx" $@
$ chmod 700 gmail-smtp.sh
$ cat .mailfilter
PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
SENDMAIL="/usr/local/sbin/ssmtp"
SHELL="/bin/sh"
VERBOSE="0"
LOGNAME="$HOME/Mail/Log"
LOG="$HOME/Mail/log"
DEFAULT="$HOME/Mail/Inbox"
MAILDIR="$HOME/Mail"

`reformail -D 8000 duplicate.cache`
if ( $RETURNCODE ==0 )
exit
Silakan isikan filter mail selengkapnya, kita test nge-pop skg:
$ fetchmail -va -f ~/.fetchmailrc
fetchmail: 6.3.8 querying pop.gmail.com (protocol POP3) at Sun Jul  1 19:44:58 2007: poll started
Trying to connect to 72.14.253.109/995...connected.
fetchmail: Issuer Organization: Equifax
fetchmail: Unknown Issuer CommonName
fetchmail: Server CommonName: pop.gmail.com
fetchmail: pop.gmail.com key fingerprint: 59:51:61:89:CD:DD:B2:35:94:BB:44:97:A0:39:D5:B4
fetchmail: POP3< +OK Gpop ready for requests from 125.163.77.180 y11pf4448332pod
fetchmail: POP3> CAPA
fetchmail: POP3< +OK Capability list follows
fetchmail: POP3< USER
fetchmail: POP3< RESP-CODES
fetchmail: POP3< EXPIRE 0
fetchmail: POP3< LOGIN-DELAY 300
fetchmail: POP3< X-GOOGLE-VERHOEVEN
fetchmail: POP3< UIDL
fetchmail: POP3< .
fetchmail: POP3> USER budsz@indofreebsd.or.id
fetchmail: POP3< +OK send PASS
fetchmail: POP3> PASS *
fetchmail: POP3< +OK Welcome.
fetchmail: POP3> STAT
fetchmail: POP3< +OK 1 1835
1 message for budsz@indofreebsd.or.id at pop.gmail.com (1835 octets).
fetchmail: POP3> LIST 1
fetchmail: POP3< +OK 1 1835
fetchmail: POP3> RETR 1
fetchmail: POP3< +OK message follows
reading message budsz@indofreebsd.or.id@gmail-pop.l.google.com:1 of 1 (1835 octets)
#*********** flushed
fetchmail: POP3> DELE 1
fetchmail: POP3< +OK marked for deletion
fetchmail: POP3> QUIT
fetchmail: POP3< +OK Farewell.
fetchmail: 6.3.8 querying pop.gmail.com (protocol POP3) at Sun Jul  1 19:45:02 2007: poll completed
fetchmail: normal termination, status 0
5. Dah segitu aja, skg ambil coke dingin + rokok Djarum Super sambil dengerin MP3 Megadeth :-). 
Sumber :
http://www.google.com/
http://souptonuts.sourceforge.net/postfix_tutorial.html http://mogrify.homelinux.org/2006/01/03/using-mutt-with-gmail/

Tidak ada komentar: