Many of us need to run Support Software to keep on top of client needs and requests, as well as remove some of the burden from our support staff.

Because of this need, we are using Kayako SupportSuite for our helpdesk application. While setting it up, we noticed that the latest release has a little bit of an issue with fetching mail using google’s pop3 service.

We haven’t looked into the problem too much, but we have noted that there is mention of it on the Kayako Forums that other users are experiencing the same difficulties.

Of course, we made sure our PHP installation was indeed compiled with SSL and IMAP and IMAP-SSL support, but this still did not fix the problem. So far, this is the only “solution” given by the Kayako support representatives.

Well, we actually wanted it to work, so we dug a little furthur into it. As it turns out, it’s not actually Kayako’s fault that this doesn’t work, but merely a not-so-great implementation of SSL/POP3 in PHP. Kayako could work around this, and are aware of the problem so we assume it will get fixed in future releases.

We did get IMAP SSL working using the Kayako fetching script, but IMAP is not perfect for support queues. So, we still wanted to get POP3 working. No matter what was tried, we could not get it to work.

Then, an ephinany hit – we also use Microsoft Small Business Server on our Intranet, and we ran into this problem previously with Exchange server not being able to communicate with SSL enabled mail hosts.

So, we introduced the same hack that we did on the Microsoft Exchange Server, to our Kayako SupportSuite Linux Server.

We used Stunnel.

Elegant? No. Best Solution Ever? No. Does it work? So far, flawlessly.

It’s very easy to setup, and get going. Here is what we had to do under Gentoo Linux.

First we made sure our use flags were proper

# emerge -pv stunnel

Which outputs this

net-misc/stunnel-4.21-r1 USE="ssl tcpd -ipv6 (-selinux)"

This looks fine, we need tcpd, and ssl. Now we install stunnel.

# emerge stunnel

Then we have to configure some options, which are very straight forward

# nano /etc/stunnel/stunnel.conf

Now we make the file look like this

setuid = stunnel  
setgid = stunnel  
pid = /var/run/stunnel/stunnel.pid  
socket = l:TCP_NODELAY=1  
socket = r:TCP_NODELAY=1  
output = stunnel.log  
client = yes  
debug = 7

[pop3s]  
accept = 127.0.0.1:1109  
connect = pop.gmail.com:995

[smtps]  
accept = 127.0.0.1:259  
connect = smtp.gmail.com:465

Save and exit the file. These lines will make the SMTP-SSL server listen on localhost port 259, and connect out to gmail at port 465. The POP-SSL will be listening on localhost port 1109, connecting out to gmail on port 995.

That’s it for the stunnel configuration. You can start it up like so.

# /etc/init.d/stunnel start

Now add it to your defaults so it will auto start

# rc-update add stunnel default

So, we’re done with the stunnel configuration. Now we’ll need to configure Kayako so make use of this.

  1. Login to your Kayako Administration Interface

  2. Click on Settings on the left menu

  3. Click on CPU Optimization & Server

  4. Scroll down to “SMTP Settings” and make sure it’s the following:

     Enable SMTP: Yes 
     SMTP Host: 127.0.0.1 
     SMTP Port: 259 
     Use SMTP Authentication: Yes 
     SMTP Username: youraddress@gmail.com (or youraddress@yourdomain.com)
     SMTP Password: yourpassword
    
  5. Click Update Settings.

Now we’re done with the SMTP setup, so we’ll have to setup your email queues with the proper information. We’ll assume you’ve already read the Kayako documentation on email queues and will not go into them here.

  1. Still in the Kayako Administration Interface Click Mail Parser on the left menu

  2. Now click on Manage E-mail Queues from the dropdown menu

  3. Click on your Email Queue (for example: support@yourdomain.com) or create a new one

  4. Scroll down to Login Information and ensure these settings are configured:

     Host: 127.0.0.1
     Port: 1109 
     Username: youraddress@gmail.com (or youraddress@yourdomain.com) 
     Password: yourpassword
    
  5. Configure any other options for your email queue.

  6. Scroll down and click on Update to save your changes.

  7. Repeat with any other email queues changing the email address/password for each account.

Now you are finished the Kayako configuration. You should be able to run your administrative cron script to check for new mail. Check the Scheduled Tasks -> Task Log to verify that your mail is being fetched. If you don’t know what we’re talking about here, you haven’t read the Kayako documentation, and should do so now.

We’ve been using this for a few weeks now and haven’t had an issue. It’s cronned to check mail every 2 minutes, and we have the added benefit of Google Apps archiving all incoming mail for us automatically before Kayako picks it up for delivery.

Hope you like the tutorial, we welcome feedback in the comments.