less is more? blahonga.
[back to index]
Tue Oct 9 22:02:37 CEST 2007
Getting imap over ssh to work in evolution
A few years back I gave the Evolution mail/cal suite a try and
was a little disappointed. It was unstable, and its IMAP support
was... well rudimentary. Now that Im helping Annas company, with
their laptops and servers and such, I decided to give it another
After all, there really is no good alternative for MS Outlook
which integrates well with the Gnome desktop.
So after looking into it a bit, I discovered that I actually
liked it. Not that I would use it... Im a mutt/muttng person my-
self. But for a non-poweruser from the MS world, I think this
would be a good solution. Except for one thing. The IMAP support
kind of sucks in the sense that it assumes that everyone can af-
ford to have a "real" imaps certificate, one which costs money.
Since we're still a low-budget company its not really something
we can afford. So we use self-signed ones.
The problem is, that as opposed to Thunderbird, mutt, etc, it
complains about the self-signed certificate _every_ time you con-
nect. Very very irritating. Now, apparently it is possible to
pass the certificate signature on to the evolution client so that
it doesnt complain every time you connect. But if this is docu-
mented somewhere its damn hard to find, I've searched quite ex-
tensively on this topic.
So instead I decided to use an ssh tunnel. The default values on
ubuntu work badly, namely because the executed application is set
to /usr/sbin/imapd. This tries to start the imap server. Not
good. Instead, you swap the binary to /usr/bin/imapd. This works
better. Another thing- if you dont use key-based authentication,
you'll have to enter the password every time you start evolution.
Below a step by step:
There we go. It works for me :)
- Create a public/private key-pair for this connection. To make
it easier to identify, add a comment saying what this key is for.
I normally give the keys good names, and point them out in the
$HOME/.ssh/config file. If you use many keys, you'll find this
- Place your keys in your client's .ssh directory. Make sure the
permissions are restrictive (0700) on the directory and files.
- Add the content of your public key to your .ssh/authorized_keys
file on the server side. If you want to you can prefix the key with
a command. In this case you can, for example, make ssh automatically
start up /usr/bin/imapd when a connection comes in. Anyway.
- Test this once by ssh:ing to the mail server.
- Assuming it worked, you can now edit your evolution settings.
- Start Evolution->Edit->Preferences->Mail Accounts->Receiving options
- Check the "Use customer command to connect to server" field, then
- Set the command string to:
ssh -c arcfour -C -l %u %h exec /usr/bin/imapd [maildir location]
- My maildirs are located in the $HOME/.maildir directory. Yours
could be at $HOME/Maildir, or some other place.