[stunnel-users] Getting Stunnel working with Verizon.net SMTP

Gary Kuznitz docfxit at theoffice.la
Wed Jun 12 21:28:03 CEST 2013


Thank you very much for working with me on resolving this.

On your first post I didn't see the difference in port numbers.  I have corrected that.  
Thank you for catching it.   It did get me closer to resolving the issue.

I'm getting this log from my email client:
--- Wed, 12 Jun 2013 12:22:46 ---
Connect to 'localhost' port 10115, timeout 60.
12:22:46.960 [*] Connection established to 127.0.0.1
12:22:47.226 >> 0120 220 vms173007pub.verizon.net -- Server ESMTP (Sun Java(tm) 
System Messaging Server 7u2-7.02 32bit (built Apr 16 2009))\0D\0A
12:22:47.226 << 0023 EHLO [192.168.168.11]\0D\0A
12:22:47.288 >> 0030 250-vms173007pub.verizon.net\0D\0A
12:22:47.288 >> 0014 250-8BITMIME\0D\0A
12:22:47.288 >> 0016 250-PIPELINING\0D\0A
12:22:47.288 >> 0014 250-CHUNKING\0D\0A
12:22:47.288 >> 0009 250-DSN\0D\0A
12:22:47.288 >> 0025 250-ENHANCEDSTATUSCODES\0D\0A
12:22:47.288 >> 0010 250-HELP\0D\0A
12:22:47.288 >> 0044 250-XLOOP AD6DF29B04183351BAD9935B9A483ABE\0D\0A
12:22:47.288 >> 0042 250-AUTH DIGEST-MD5 PLAIN LOGIN CRAM-MD5\0D\0A
12:22:47.288 >> 0022 250-AUTH=LOGIN PLAIN\0D\0A
12:22:47.288 >> 0010 250-ETRN\0D\0A
12:22:47.288 >> 0019 250-NO-SOLICITING\0D\0A
12:22:47.288 >> 0019 250 SIZE 20971520\0D\0A
12:22:47.288 << 0015 AUTH CRAM-MD5\0D\0A
12:22:47.335 >> 0050 334 
PDEzNTYyOTY5MjEuMTIxMTA1NTFAdm1zMTczMDA3Pg==\0D\0A
12:22:47.335 << 0058 
YXR1cHJlcyBkYTlmZTI3MWFjODNjYWUxOTVjNmZhZWQ5ZGE0NTUzYg==\0D\0A
12:22:47.397 >> 0066 500 5.7.0 Unknown AUTH error -1 (Internal authentication 
error).\0D\0A
12:22:50.845 << 0006 QUIT\0D\0A
12:22:50.892 >> 0034 221 2.3.0 Bye received. Goodbye.\0D\0A
12:22:50.892 --- Connection closed normally at Wed, 12 Jun 2013 12:22:50. ---\0A\0A

I'm getting this in the Stunnel.log
2013.06.12 12:22:46 LOG7[660:2460]: New thread created
2013.06.12 12:22:46 LOG7[660:896]: Service [Verizon-smtp] started
2013.06.12 12:22:46 LOG5[660:896]: Service [Verizon-smtp] accepted connection from 
127.0.0.1:52721
2013.06.12 12:22:46 LOG6[660:896]: connect_blocking: connecting 206.46.232.12:465
2013.06.12 12:22:46 LOG7[660:896]: connect_blocking: s_poll_wait 206.46.232.12:465: 
waiting 10 seconds
2013.06.12 12:22:46 LOG5[660:896]: connect_blocking: connected 206.46.232.12:465
2013.06.12 12:22:46 LOG5[660:896]: Service [Verizon-smtp] connected remote server 
from 192.168.168.11:52722
2013.06.12 12:22:46 LOG7[660:896]: Remote socket (FD=384) initialized
2013.06.12 12:22:46 LOG7[660:896]: SNI: sending servername: outgoing.verizon.net
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): before/connect initialization
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 write client hello A
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 read server hello A
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 read server 
certificate A
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 read server key 
exchange A
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 read server done A
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 write client key 
exchange A
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 write change cipher 
spec A
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 write finished A
2013.06.12 12:22:46 LOG7[660:896]: SSL state (connect): SSLv3 flush data
2013.06.12 12:22:47 LOG7[660:896]: SSL state (connect): SSLv3 read finished A
2013.06.12 12:22:47 LOG7[660:896]:    2 items in the session cache
2013.06.12 12:22:47 LOG7[660:896]:    2 client connects (SSL_connect())
2013.06.12 12:22:47 LOG7[660:896]:    2 client connects that finished
2013.06.12 12:22:47 LOG7[660:896]:    0 client renegotiations requested
2013.06.12 12:22:47 LOG7[660:896]:    0 server connects (SSL_accept())
2013.06.12 12:22:47 LOG7[660:896]:    0 server connects that finished
2013.06.12 12:22:47 LOG7[660:896]:    0 server renegotiations requested
2013.06.12 12:22:47 LOG7[660:896]:    0 session cache hits
2013.06.12 12:22:47 LOG7[660:896]:    0 external session cache hits
2013.06.12 12:22:47 LOG7[660:896]:    0 session cache misses
2013.06.12 12:22:47 LOG7[660:896]:    0 session cache timeouts
2013.06.12 12:22:47 LOG6[660:896]: SSL connected: new session negotiated
2013.06.12 12:22:47 LOG6[660:896]: Negotiated TLSv1/SSLv3 ciphersuite: 
DHE-RSA-AES256-SHA (256-bit encryption)
2013.06.12 12:22:47 LOG6[660:896]: Compression: null, expansion: null
2013.06.12 12:22:50 LOG6[660:896]: Read socket closed (readsocket)
2013.06.12 12:22:50 LOG7[660:896]: Sending close_notify alert
2013.06.12 12:22:50 LOG7[660:896]: SSL alert (write): warning: close notify
2013.06.12 12:22:50 LOG6[660:896]: SSL_shutdown successfully sent close_notify 
alert
2013.06.12 12:22:50 LOG7[660:896]: SSL alert (read): warning: close notify
2013.06.12 12:22:50 LOG6[660:896]: SSL closed (SSL_read)
2013.06.12 12:22:50 LOG7[660:896]: Sent socket write shutdown
2013.06.12 12:22:50 LOG5[660:896]: Connection closed: 102 byte(s) sent to SSL, 544 
byte(s) sent to socket
2013.06.12 12:22:50 LOG7[660:896]: Remote socket (FD=384) closed
2013.06.12 12:22:50 LOG7[660:896]: Local socket (FD=216) closed
2013.06.12 12:22:50 LOG7[660:896]: Service [Verizon-smtp] finished (0 left)

Do you have any idea why I am getting:
12:22:47.397 >> 0066 500 5.7.0 Unknown AUTH error -1 (Internal authentication 
error).\0D\0A

Thank you,

Gary

On 12 Jun 2013 at 20:36, Jochen (Jochen Bern <Jochen.Bern at LINworks.de>) 
commented about Re: [stunnel-users] Getting Stunnel working with :

> On 12.06.2013 19:48, Gary Kuznitz wrote:
> > Thanks for showing me how to test SSL.  I installed openssl and ran the test.  This is 
> > what I received back.
> > 
> > C:\Programs\OpenSSL-Win32\bin>openssl s_client -connect smtp.verizon.net:465
> [...]
> >     Verify return code: 19 (self signed certificate in certificate chain)
> > ---
> 
> At this point, the SSL layer of the connection has been set up (s_client
> ignores the non-null verification result) and the actual payload
> protocol can start to do its thing. The payload protocol is SMTP, so the
> server throws you a hello line:
> 
> > 220 vms173025pub.verizon.net -- Server ESMTP (Sun Java(tm) System Messaging Server 7u2-7.02 32bit (built Apr 16 2009))
> 
> and then waits for the client to send its requests. Since you apparently
> didn't enter anything, the server obviously terminated the connection with:
> 
> > 421 4.4.2 Timeout while waiting for command.
> 
> An actual SMTP session with an *attempt* at transferring an e-mail would
> look like, e.g.:
> 
> > 220 vms173023pub.verizon.net -- Server ESMTP (Sun Java(tm) System Messaging Server 7u2-7.02 32bit (built Apr 16 2009))
> > HELO this.is.my.laptop
> > 250 vms173023pub.verizon.net OK, [unknown] [213.157.4.156].
> > MAIL FROM:<Jochen.Bern at LINworks.de>
> > 550 5.7.1 Authentication Required
> > rSET
> > 250 2.5.0 Ok.
> > QUIT
> 
> (The lines starting with a three-digit SMTP status code number are sent
> by the server; the 5xx code signals a permanent error; the lines
> starting with a four-letter SMTP command are sent by the client, i.e., I
> typed them into the s_client; and I typed "rSET" instead of the normal
> "RSET" because s_client takes every line starting with an *uppercase*
> 'R' as a command to do an SSL renegotiation.)
> 
> > It sounds like something is wrong on this end.  Any ideas?
> 
> What about the two *****DIFFERING***** port numbers I pointed out in
> your posted data?
> 
> >> On 12.06.2013 05:12, Gary Kuznitz wrote:
> >>> [Verizon-smtp]
> >>> client = yes
> >>> accept = 11015
> >>            ^##^^
> >> [...]
> >>> --- Tue, 11 Jun 2013 16:38:55 ---
> >>> Connect to 'localhost' port 10115, timeout 60.
> >>                               ^##^^
> 
> I don't actually use stunnel (subscribed to the list when I had a need
> that I later fulfilled with socat, but that's Unix/Linux only), so I
> don't know whether stunnel has a problem with the self-signed cert ...
> 
> Regards,
> 								J. Bern
> -- 
> *NEW* - NEC IT infrastructure products at <http://www.linworks-shop.de/>:
> Server--Storage--Virtualization--Management SW--Passion for Performance
> Jochen Bern, Systems Engineer --- LINworks GmbH <http://www.LINworks.de/>
> P.O. Box 100121, 64201 Darmstadt | Robert-Koch-Str. 9, 64331 Weiterstadt
> PGP (1024D/4096g) FP = D18B 41B1 16C0 11BA 7F8C DCF7 E1D5 FAF4 444E 1C27
> Tel. +49 6151 9067-231, Switchboard -0, Fax -299 - Darmstadt District Court HRB 85202
> Registered office Weiterstadt, Managing Directors Metin Dogan, Oliver Michel
