[stunnel-users] stunnel and exchange server

Steve Marvin smarvin at pobox.com
Sat Apr 28 03:18:59 CEST 2012


I'm having trouble getting Exchange and stunnel to work in one direction.
The Exchange server is 2008 - the SMTP connector is set for TLS on port 465.

I would appreciate any and all suggestions.

My conf file (trimmed out all the comments):
debug = 7
output = C:\Temp\TESTER\stunnel.log
fips = no
options = NO_SSLv2
cert = C:\Temp\TESTER\mycert.pem
RNDfile = C:\Temp\TESTER\stunnel.rnd
taskbar = no

[ssmtp-out]
client = yes
protocol = smtp
sslVersion = all
options = NO_SSLv3
accept = 127.0.0.1:46
connect = 10.50.228.15:465

[ssmtp-in]
client = no
protocol = smtp
delay = yes
accept = 465
connect = 127.0.0.1:45

My app -> ssmtp-out -> Exchange works.

Here is the .log showing one incoming connection from the Exchange server:

2012.04.28 00:52:46 LOG7[49272:60328]: No limit detected for the number of clients
2012.04.28 00:52:46 LOG5[49272:60328]: stunnel 4.53 on x86-pc-mingw32-gnu platform
2012.04.28 00:52:46 LOG5[49272:60328]: Compiled/running with OpenSSL 0.9.8s-fips 4 Jan 2012
2012.04.28 00:52:46 LOG5[49272:60328]: Threading:WIN32 SSL:+ENGINE+OCSP+FIPS Auth:none Sockets:SELECT+IPv6
2012.04.28 00:52:46 LOG5[49272:60328]: Reading configuration from file C:\Temp\TESTER\stunnel.conf
2012.04.28 00:52:46 LOG5[49272:60328]: FIPS mode is disabled
2012.04.28 00:52:46 LOG7[49272:60328]: Compression not enabled
2012.04.28 00:52:46 LOG7[49272:60328]: Snagged 64 random bytes from C:\Temp\TESTER\stunnel.rnd
2012.04.28 00:52:46 LOG7[49272:60328]: Wrote 1024 new random bytes to C:\Temp\TESTER\stunnel.rnd
2012.04.28 00:52:46 LOG7[49272:60328]: PRNG seeded successfully
2012.04.28 00:52:46 LOG6[49272:60328]: Initializing service section [ssmtp-out]
2012.04.28 00:52:46 LOG7[49272:60328]: Certificate: C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Certificate loaded
2012.04.28 00:52:46 LOG7[49272:60328]: Key file: C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Private key loaded
2012.04.28 00:52:46 LOG7[49272:60328]: SSL options set: 0x03000004
2012.04.28 00:52:46 LOG6[49272:60328]: Initializing service section [ssmtp-in]
2012.04.28 00:52:46 LOG7[49272:60328]: Certificate: C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Certificate loaded
2012.04.28 00:52:46 LOG7[49272:60328]: Key file: C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Private key loaded
2012.04.28 00:52:46 LOG7[49272:60328]: Could not load DH parameters from C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Using hardcoded DH parameters
2012.04.28 00:52:46 LOG7[49272:60328]: DH initialized with 2048-bit key
2012.04.28 00:52:46 LOG7[49272:60328]: ECDH initialized with curve prime256v1
2012.04.28 00:52:46 LOG7[49272:60328]: SSL options set: 0x01000004
2012.04.28 00:52:46 LOG5[49272:60328]: Configuration successful
2012.04.28 00:52:46 LOG7[49272:60328]: Service [ssmtp-out] (FD=1772) bound to 127.0.0.1:46
2012.04.28 00:52:46 LOG7[49272:60328]: Service [ssmtp-in] (FD=1728) bound to 0.0.0.0:465
2012.04.28 00:53:35 LOG7[49272:60328]: Service [ssmtp-in] accepted (FD=1732) from 10.50.228.15:19251
2012.04.28 00:53:35 LOG7[49272:60328]: Creating a new thread
2012.04.28 00:53:35 LOG7[49272:60328]: New thread created
2012.04.28 00:53:35 LOG7[49272:67820]: Service [ssmtp-in] started
2012.04.28 00:53:35 LOG5[49272:67820]: Service [ssmtp-in] accepted connection from 10.50.228.15:19251
2012.04.28 00:53:35 LOG6[49272:67820]: connect_blocking: connecting 127.0.0.1:45
2012.04.28 00:53:35 LOG7[49272:67820]: connect_blocking: s_poll_wait 127.0.0.1:45: waiting 10 seconds
2012.04.28 00:53:35 LOG5[49272:67820]: connect_blocking: connected 127.0.0.1:45
2012.04.28 00:53:35 LOG5[49272:67820]: Service [ssmtp-in] connected remote server from 127.0.0.1:28047
2012.04.28 00:53:35 LOG7[49272:67820]: Remote socket (FD=1696) initialized
2012.04.28 00:53:35 LOG6[49272:67820]: Server-mode smtp protocol negotiations started
2012.04.28 00:53:35 LOG7[49272:67820]: RFC 2487 detected
2012.04.28 00:53:52 LOG7[49272:67820]:  <- 220-<CGMSAlpha> Private ESMTP Server (SMTPTester-1.0 Build 12 [Alpha]) ready
2012.04.28 00:53:52 LOG7[49272:67820]:  -> 220-<CGMSAlpha> Private ESMTP Server (SMTPTester-1.0 Build 12 [Alpha]) ready + stunnel
2012.04.28 00:58:52 LOG6[49272:67820]: fd_getline: s_poll_wait: TIMEOUTbusy exceeded: sending reset
2012.04.28 00:58:52 LOG5[49272:67820]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2012.04.28 00:58:52 LOG7[49272:67820]: Remote socket (FD=1696) closed
2012.04.28 00:58:52 LOG7[49272:67820]: Local socket (FD=1732) closed
2012.04.28 00:58:52 LOG7[49272:67820]: Service [ssmtp-in] finished (0 left)
2012.04.28 00:58:52 LOG7[49272:67820]: str_stats: 1 block(s), 82 data byte(s), 42 control byte(s)
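
Added example, not part of the original post and not stunnel code: a small Python parser for the debug = 7 log format shown above. For each connection thread that ends in a TIMEOUTbusy reset it reports the last protocol line logged, how long stunnel waited after it, and whether that line uses the SMTP "NNN-" continuation form. The function name and result keys are made up for this example; the sample lines are copied from the log in the post.

```python
import re
from datetime import datetime

# Lines copied from the log in the post (thread 67820, the one incoming connection).
SAMPLE = """\
2012.04.28 00:53:35 LOG6[49272:67820]: Server-mode smtp protocol negotiations started
2012.04.28 00:53:35 LOG7[49272:67820]: RFC 2487 detected
2012.04.28 00:53:52 LOG7[49272:67820]:  <- 220-<CGMSAlpha> Private ESMTP Server (SMTPTester-1.0 Build 12 [Alpha]) ready
2012.04.28 00:53:52 LOG7[49272:67820]:  -> 220-<CGMSAlpha> Private ESMTP Server (SMTPTester-1.0 Build 12 [Alpha]) ready + stunnel
2012.04.28 00:58:52 LOG6[49272:67820]: fd_getline: s_poll_wait: TIMEOUTbusy exceeded: sending reset
"""

# timestamp, log level, process id, thread id, message
LINE = re.compile(r"^(\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d) LOG(\d)\[(\d+):(\d+)\]: (.*)$")
# protocol negotiation lines are logged with a direction arrow
PROTO = re.compile(r"^\s*(<-|->) (.*)$")
# SMTP reply: three-digit code, then "-" (more lines follow) or " " (final line)
REPLY = re.compile(r"^(\d{3})([ -])")


def find_stalls(log_text):
    """Return one finding per thread whose negotiation ended in a timeout reset."""
    last = {}       # thread id -> (timestamp, direction, text) of last protocol line
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y.%m.%d %H:%M:%S")
        tid, msg = m.group(4), m.group(5)
        p = PROTO.match(msg)
        if p:
            last[tid] = (ts, p.group(1), p.group(2))
        elif "TIMEOUTbusy exceeded" in msg and tid in last:
            t0, direction, text = last[tid]
            r = REPLY.match(text)
            findings.append({
                "thread": tid,
                "waited_s": int((ts - t0).total_seconds()),
                "last_direction": direction,
                "reply_code": r.group(1) if r else None,
                "continuation": bool(r and r.group(2) == "-"),
            })
    return findings


if __name__ == "__main__":
    for finding in find_stalls(SAMPLE):
        print(finding)
```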




