Secure Email
General

Rupture no longer offers unencrypted email sending or retrieval. That's a good thing.

For Web-based email, Rupture uses TWIG protected by SSL. SSL is an encryption layer that prevents people from sniffing your email session, including your username, password, and the email itself.

If you SSH to Rupture and use pine or mutt, you're secure by virtue of the SSH session.

For secure desktop-based email, Rupture uses IMAPS (IMAP over SSL).

Using IMAPS

To use IMAPS, just configure your IMAP client to use SSL. For example, in Apple Mail.app, do this:

Mail -> Preferences -> (select account) -> Advanced -> Use SSL (Check this box)

Outlook, Outlook Express, Netscape Mail, Eudora, and all other current mail clients support IMAPS. Follow the general path above and select something that looks like "Secure Connection" or "SSL".

Whatever client you use, make sure to use the default IMAPS port (993).

Using SMTP

There are two methods you can use at Rupture to encrypt your outbound mail (SMTP).

SMTPS or SSL/TLS

The first way is to use SMTPS or SSL/TLS. All current mail clients support these. In your mail client's configuration, use these settings:

SMTP server: mail.rupture.net
SMTP port: 25
Use SSL: Yes (Eudora says STARTTLS)
Authentication type: password
Secure Authentication: No (The connection is already encrypted with SSL)

You MUST be sure to check the "Use SSL" box. If you don't, it won't work. Rupture does not allow you to send your username and password in clear text across the internet.

If your ISP blocks/filters outbound port 25, you can also use port 465. For the record, port 25 is considered SSL/TLS (or STARTTLS), while port 465 is SMTPS.

The above method is the simplest and most recommended method.
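The rule above, that a username and password must never cross the internet in clear text, can be checked from the EHLO replies a server gives before and after STARTTLS. The following Python script is an added example, not part of Rupture's own documentation or code; the sample replies and the host mail.example.net are constructed, the function names are hypothetical, and probe() covers the STARTTLS case only (not SMTPS on port 465).

```python
import re
import smtplib
import ssl

# Constructed EHLO replies for illustration (not captured from any real server).
GOOD_BEFORE = "250-mail.example.net Hello\n250-PIPELINING\n250-STARTTLS\n250 HELP"
GOOD_AFTER = "250-mail.example.net Hello\n250-AUTH PLAIN LOGIN\n250 HELP"
LEAKY_BEFORE = "250-mail.example.net Hello\n250-AUTH=PLAIN LOGIN\n250 HELP"


def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from an EHLO reply, with or without 250 codes."""
    features = {}
    for line in reply.splitlines()[1:]:  # line 0 is the server greeting
        # Strip the reply code; treat legacy "AUTH=LOGIN" like "AUTH LOGIN".
        words = re.sub(r"^250[- ]", "", line).replace("=", " ").upper().split()
        if words:
            features[words[0]] = words[1:]
    return features


def audit(before_tls, after_tls=None):
    """List problems in the capabilities seen before and after STARTTLS."""
    problems = []
    if "STARTTLS" not in before_tls:
        problems.append("STARTTLS not offered: session cannot be encrypted")
    if "AUTH" in before_tls:
        problems.append("AUTH offered before TLS: password could cross in clear text")
    if after_tls is not None and "AUTH" not in after_tls:
        problems.append("AUTH not offered after TLS: cannot log in to send mail")
    return problems


def probe(host, port=25, timeout=10):
    """Live check of a STARTTLS port; the certificate is verified against system CAs."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        before = parse_ehlo(smtp.ehlo()[1].decode("ascii", "replace"))
        if "STARTTLS" not in before:
            return audit(before)
        smtp.starttls(context=ssl.create_default_context())
        after = parse_ehlo(smtp.ehlo()[1].decode("ascii", "replace"))
        return audit(before, after)


if __name__ == "__main__":
    print(audit(parse_ehlo(GOOD_BEFORE), parse_ehlo(GOOD_AFTER)))  # []
    print(audit(parse_ehlo(LEAKY_BEFORE)))  # two problems
```

An empty list from probe() means the server only offers AUTH once the session is encrypted.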

SSH-Tunneled SMTP

You can also use SSH port forwarding to achieve the same ends. This encrypts all of the data between your computer and Rupture. Of course, once the mail is sent off to the Internet, it is no longer encrypted; the encryption only works between your computer and Rupture.

On your desktop, you tell your SSH client to forward a local port (say, 2500) to the SMTP port on Rupture (25). Once the forwarding is set, you tell your mail program to use localhost as the hostname for SMTP.

Whenever you send mail, the mail program looks at localhost as if it is a real mail server and sends mail. In reality, once it gets to port 2500 on localhost the data is then forwarded through port 22 (the ssh port) to Rupture's port 25.

SSH-Tunneled SMTP Under UNIX

To use SSH port forwarding on a UNIX-like system, do the following:


you@workstation:~> ssh -L 2500:mail.rupture.net:25 mail.rupture.net

Then, log in and minimize or ignore this window.

You can then configure your mail client with these settings:

SMTP server: localhost
SMTP port: 2500
Use SSL: No
Authentication type: None

There is also a more advanced way to do the above. These instructions tell you how to use inetd to create the SSH tunnel on demand.

SSH-Tunneled SMTP Under Windows

If you are running Windows, find an SSH client that does port forwarding. PuTTY does this.

Set up a session for Rupture. In the Host Name box, make it say mail.rupture.net. Then click the radio button for SSH, which should make the Port box above change to 22. Then, type Rupture Tunneled SMTP in the Saved Sessions box. Then click Save.

Now, click on the word Tunnels on the tree to the left. Make the Source port box say 25. Make the Destination box say mail.rupture.net:25. Then click Add. Under the Forwarded ports box, you should see text like this: L25 mail.rupture.net:25. Now click the word SSH on the tree on the left. Under Preferred SSH protocol version, click the radio button that says 2. Now click on Session at the top of the tree on the left. Then click Save.

Now, double-click Rupture Tunneled SMTP in the Saved Sessions box. You will probably get a popup box entitled PuTTY Security Alert. Click Yes to accept the server host key. Then log in with your usual Rupture username and password.

You can test if it works by telnetting to localhost port 25. To do this, click Start, then Run, then type telnet localhost 25. A telnet window should open up with the text:

220 zen.rupture.net ESMTP Sendmail 8.13.1/8.13.1; Tue, 14 Dec 2004 21:05:03 -0500 (EST)

If you see this, it worked. You can then tell your mail client to use localhost as an SMTP server with these settings:

SMTP server: localhost
SMTP port: 25
Use SSL: No
Authentication type: None

If you need help, email the admin with as much detail as possible.

<admin*rupture.net>

File /secure.email.shtml was last updated: 10:19 PM 12/14/04