[stunnel-users] Unable to make SSL connexion work

OLIVER Patrice patrice.oliver at ch-lepuy.fr
Tue Aug 6 19:35:10 CEST 2013


Hi,

Since our company had to migrate to Orange Office365 platform, we cannot send simple SMTP message using smtp.office365.com

We have to use SMTP over TLS.

While I have to use some applications which cannot use SMTP, I installed and setup STunnel.

When I try to send a simple mail like this :
telnet myserver 25
ehlo ch-lepuy.fr
mail from: toto at ch-lepuy.fr

I cannot continue with rcpt to syntax and I have the following message :
rcpt to:530 5.7.1 Client was not authenticated

In the STunnel log file, I can see that :
2013.08.06 19:20:49 LOG7[1352:2832]: SSL state (connect): before/connect initialization
2013.08.06 19:20:49 LOG7[1352:2832]: SSL state (connect): SSLv3 write client hello A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server hello A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server certificate A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server key exchange A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server certificate request A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server done A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write client certificate A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write client key exchange A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write certificate verify A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write change cipher spec A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write finished A
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 flush data
2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read finished A
2013.08.06 19:20:50 LOG7[1352:2832]:    1 items in the session cache
2013.08.06 19:20:50 LOG7[1352:2832]:    1 client connects (SSL_connect())
2013.08.06 19:20:50 LOG7[1352:2832]:    1 client connects that finished
2013.08.06 19:20:50 LOG7[1352:2832]:    0 client renegotiations requested
2013.08.06 19:20:50 LOG7[1352:2832]:    0 server connects (SSL_accept())
2013.08.06 19:20:50 LOG7[1352:2832]:    0 server connects that finished
2013.08.06 19:20:50 LOG7[1352:2832]:    0 server renegotiations requested
2013.08.06 19:20:50 LOG7[1352:2832]:    0 session cache hits
2013.08.06 19:20:50 LOG7[1352:2832]:    0 external session cache hits
2013.08.06 19:20:50 LOG7[1352:2832]:    0 session cache misses
2013.08.06 19:20:50 LOG7[1352:2832]:    0 session cache timeouts
2013.08.06 19:20:50 LOG7[1352:2832]: Peer certificate was cached (6184 bytes)
2013.08.06 19:20:50 LOG6[1352:2832]: SSL connected: new session negotiated
2013.08.06 19:20:50 LOG6[1352:2832]: Negotiated TLSv1/SSLv3 ciphersuite: ECDHE-RSA-AES256-SHA (256-bit encryption)
2013.08.06 19:20:50 LOG6[1352:2832]: Compression: null, expansion: null
2013.08.06 19:21:13 LOG3[1352:2832]: SSL_read: Connection reset by peer (WSAECONNRESET) (10054)
2013.08.06 19:21:13 LOG5[1352:2832]: Connection reset: 65 byte(s) sent to SSL, 231 byte(s) sent to socket
2013.08.06 19:21:13 LOG7[1352:2832]: Remote socket (FD=316) closed
2013.08.06 19:21:13 LOG7[1352:2832]: Local socket (FD=244) closed
2013.08.06 19:21:13 LOG7[1352:2832]: Service [SMTP Outgoing] finished (0 left)


Here is my STunnel setup :
client = yes
output = stunnel-log.txt
debug = 7
taskbar = yes

; Disable FIPS mode to allow non-approved protocols and algorithms
;fips = no

; **************************************************************************
; * Service defaults may also be specified in individual service sections  *
; **************************************************************************

; Certificate/key is needed in server mode and optional in client mode
cert = stunnel.pem

; Disable support for insecure SSLv2 protocol
options = NO_SSLv2

[SMTP Outgoing]
protocol = smtp
accept = 25
connect = smtp.office365.com:587



Does anyone have an idea ?

Regards?

Patrice Oliver | Centre Hospitalier Emile Roux
Responsable Informatique
T. 04 71 04 38 30

12 Bd Andr? Chantemesse - 43012 LE PUY EN VELAY Cedex
http://www.ch-lepuy.fr


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20130806/47e39a33/attachment.html>


More information about the stunnel-users mailing list