Install imapproxy on Mac OS 10.4

  1. Optional prerequisite, proctools: If you're going to use the init script to start imapproxy, you need to install proctools to let the script kill the process on shutdown. Installation is a little different than normal, but is explained nicely in the README.
  2. Do the normal thing
    1. wget up-imapproxy-1.2.5rc2.tar.gz
    2. tar -xzf up-imapproxy-1.2.5rc2.tar.gz
    3. cd up-imapproxy-1.2.5rc2
    4. ./configure
    5. make
  3. Install executable files: `make install` is broken as the user and group is hardcoded as bin. You can either edit the makefile or copy the necessary files manually, as below:
    1. sudo cp bin/in.imapproxyd /usr/local/sbin/
    2. sudo cp bin/pimpstat /usr/local/sbin/
  4. Install configuration files: sudo make install-conf
  5. Install init files: sudo mkdir /etc/init.d/ && sudo mkdir /etc/rc.2 && sudo make install-init
  6. Install Certification Authority certificates: The included documentation is unclear what to do if you intend to use imapproxy to connect to an IMAP server with TLS/SSL. First, imapproxy cannot connect to IMAP servers using port 993. Instead, imapproxy will only connect to servers using regular IMAP and invoking TLS though the starttls IMAP command (RFC 2595). imapproxy does not currently support a client connecting to it through TLS; it is intended to be run on the same host as the client. Second, you must install the appropriate Certification Authority (CA) certificates that will validate the TLS certificate offered by the server. I grappled with this for a while, even using a working imapproxy installation as a reference to no avail. In the end, I packaged all of the root CA certs from OS X's keychain into a .pem (which I've made available here). It is not necessary to create your own CA or certs as implied in the README.ssl included with the source.
  7. Edit the configuration file: sudo nano imapproxy.conf . I changed the server_hostname string to the IMAP server I want to connect to, the listen_port to allow other IMAP server connection attempts to succeed, the listen_address to 127.0.0.1 to only allow clients on the localhost to connect, the force_tls to yes to force TLS (although the IMAP server I'm connecting to uses LOGINDISABLED). Finally, I changed tls_ca_file to the file path of the CA certs. My working imapproxy configuration file is available here.
  8. Start the proxy: /etc/init.d/imapproxy start

That should be it for getting it to work. You should configure your IMAP client to connect to 127.0.0.1 on whatever port you specified above.

That’s not the whole story, however. Mac OS X does not use init scripts but uses a much cooler launching mechanism called launchd. Launchd takes care of launching, maintaining, and closing daemons, meaning it eliminates a lot of hassle for the daemon programmer.

I’ve created a launchd plist that can be used with launchd to start imapproxy the right way in Mac OS X. If you use this, you do not have to use #5 or #8 above. Also, you must set foreground_mode to yes. Copy the plist to /Library/LaunchDaemons and use sudo launchctl [load|unload] /Library/LaunchDaemons/imapproxy.plist to start and stop the proxy. The proxy will also start whenever the machine is started (to change this, move the plist out of that directory).

There is more Apple information on launchd plists, launchctl, and writing daemons that use launchd.

Original work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 License | © Eric Garrido