[stunnel-users] outgoing mail solution?

Parker Brooks atmplayboy at gmail.com
Tue Jan 2 16:37:44 CET 2018


Douglas, it worked! Thank you!

I had not turned on gmail's allow less secure apps, so my first try netted
this

2018.01.02 09:00:27 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform
2018.01.02 09:00:27 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips
2 Nov 2017
2018.01.02 09:00:27 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6
TLS:ENGINE,FIPS,OCSP,PSK,SNI
2018.01.02 09:00:27 LOG5[main]: Reading configuration from file stunnel.conf
2018.01.02 09:00:27 LOG5[main]: UTF-8 byte order mark not detected
2018.01.02 09:00:27 LOG5[main]: FIPS mode disabled
2018.01.02 09:00:27 LOG5[main]: Configuration successful
2018.01.02 09:03:09 LOG5[0]: Service [gmail-smtp] accepted connection from
127.0.0.1:1046
2018.01.02 09:03:09 LOG5[0]: s_connect: connected 173.194.78.108:587
2018.01.02 09:03:09 LOG5[0]: Service [gmail-smtp] connected remote server
from 192.168.1.103:1047
2018.01.02 09:03:09 LOG5[0]: OCSP: Connecting the AIA responder "
http://ocsp.pki.goog/gsr2"
2018.01.02 09:03:10 LOG5[0]: s_connect: connected 172.217.12.78:80
2018.01.02 09:03:10 LOG5[0]: OCSP: Certificate accepted
2018.01.02 09:03:10 LOG5[0]: OCSP: Connecting the AIA responder "
http://ocsp.pki.goog/GTSGIAG3"
2018.01.02 09:03:10 LOG5[0]: s_connect: connected 172.217.12.78:80
2018.01.02 09:03:10 LOG5[0]: OCSP: Certificate accepted
2018.01.02 09:03:10 LOG5[0]: Certificate accepted at depth=0: C=US,
ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com
2018.01.02 09:03:10 LOG3[0]: PLAIN Authentication Failed
2018.01.02 09:03:10 LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0
byte(s) sent to socket

my monitoring s/w showed

To  = xxxxxx at gmail.com
Connecting to mail server... 127.0.0.1
E-mail Failed.  Error: 25058 / [10057] Socket is not connected
1/2/2018 9:03:10 AM

there was a security alert from gmail with the instructions to enabling the
less secure apps. turned it on and tried again...

2018.01.02 09:17:45 LOG5[1]: Service [gmail-smtp] accepted connection from
127.0.0.1:1050
2018.01.02 09:17:45 LOG5[1]: s_connect: connected 173.194.78.109:587
2018.01.02 09:17:45 LOG5[1]: Service [gmail-smtp] connected remote server
from 192.168.1.103:1051
2018.01.02 09:17:47 LOG5[1]: Connection closed: 306 byte(s) sent to TLS,
508 byte(s) sent to socket

again, thank you!

On Tue, Jan 2, 2018 at 7:35 AM, Harris, Douglas (SSC/SPC) <
douglas.harris at canada.ca> wrote:

> Try this…
>
>
>
> [gmail-smtp]
>
> client = yes
>
> accept = 127.0.0.1:25
>
> connect = smtp.gmail.com:587 <http://smtp.gmail.com:465>
>
> verifyChain = yes
>
> CAfile = ca-certs.pem
>
> checkHost = smtp.gmail.com
>
> OCSPaia = yes
>
> protocol = smtp
>
> protocolUsername = [your gmail userid]
>
> protocolPassword = [your gmail password]
>
>
>
>
>
>
>
>
>
> *From:* stunnel-users [mailto:stunnel-users-bounces at stunnel.org] *On
> Behalf Of *Parker Brooks
> *Sent:* January 2, 2018 12:34 AM
> *To:* stunnel-users at stunnel.org
> *Subject:* [stunnel-users] outgoing mail solution?
>
>
>
> hello and happy new year!
>
>
>
> it seemed this question has been asked before in various ways, however
> with the frequent version updates i'm still unclear if stunnel is meant as
> a fix to my issue.
>
>
>
> i have a outdated home monitoring program running on a winxp box. when an
> error occurs it sends an email. it's setup screen (besides the destination
> email field) only have a) smtp server, b) undeliverable email address and
> c) port # fields to configure.
>
>
>
> my workaround for several years (when port 25 became blocked or needed
> authetication) has been to use LOApost but they've recently ceased. that
> program, also running in the background, and if i understand correctly
> acted as a local host. i configured the monitoring program's smtp for
> 127.0.0.1 and LOApost did the rest
>
>
>
> other searches suggest cloud solutions like sendgrid and authsmtp. but
> those sites need a login/ password with the outgoing message. perhaps this
> is where i'm getting confused between the differences of SSL and smtp
> authentication?
>
>
>
> i have gotten gsuite's restricted smtp server to work, but i hoped stunnel
> would provide a better solution (ability to send besides gmail/ gsuite
> addresses).
>
>
>
> below are my conf and log files of my attempt. again, i can't tell if i've
> missed a step, or if this is not intended to work.
>
>
>
> PS: i've also tried to understand if this feature is on the todo list?
>
> tia,
>
> parker
>
>
>
> stunnel.conf
>
>
>
> [gmail-pop3]
>
> client = yes
>
> accept = 127.0.0.1:110
>
> connect = pop.gmail.com:995
>
> verifyChain = yes
>
> CAfile = ca-certs.pem
>
> checkHost = pop.gmail.com
>
> OCSPaia = yes
>
>
>
> [gmail-imap]
>
> client = yes
>
> accept = 127.0.0.1:143
>
> connect = imap.gmail.com:993
>
> verifyChain = yes
>
> CAfile = ca-certs.pem
>
> checkHost = imap.gmail.com
>
> OCSPaia = yes
>
>
>
> [gmail-smtp]
>
> client = yes
>
> accept = 127.0.0.1:25
>
> connect = smtp.gmail.com:465
>
> verifyChain = yes
>
> CAfile = ca-certs.pem
>
> checkHost = smtp.gmail.com
>
> OCSPaia = yes
>
>
>
> log file
>
>
>
> 2017.12.31 16:22:45 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform
>
> 2017.12.31 16:22:45 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips
> 2 Nov 2017
>
> 2017.12.31 16:22:45 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6
> TLS:ENGINE,FIPS,OCSP,PSK,SNI
>
> 2017.12.31 16:22:45 LOG5[main]: Reading configuration from file
> stunnel.conf
>
> 2017.12.31 16:22:45 LOG5[main]: UTF-8 byte order mark not detected
>
> 2017.12.31 16:22:45 LOG5[main]: FIPS mode disabled
>
> 2017.12.31 16:22:45 LOG5[main]: Configuration successful
>
> 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] accepted connection from
> 127.0.0.1:1141
>
> 2017.12.31 16:25:03 LOG5[0]: s_connect: connected 173.194.67.108:465
>
> 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] connected remote server
> from 192.168.1.103:1142
>
> 2017.12.31 16:25:03 LOG5[0]: OCSP: Connecting the AIA responder "
> http://ocsp.pki.goog/gsr2"
>
> 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80
>
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted
>
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Connecting the AIA responder "
> http://ocsp.pki.goog/GTSGIAG3"
>
> 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80
>
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted
>
> 2017.12.31 16:25:04 LOG5[0]: Certificate accepted at depth=0: C=US,
> ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com
>
> 2017.12.31 16:25:04 LOG5[0]: Connection closed: 55 byte(s) sent to TLS,
> 514 byte(s) sent to socket
>
>
>
>
>
> and this is what shows up on my monitoring program log file...
>
>
>
> To  = xxxxxx at gmail.com
>
> Connecting to mail server... 127.0.0.1
>
> Sending message...
>
> E-mail Failed.  Error: 20162 / 530 5.5.1  https://support.google.com/
> mail/?p=WantAuthError 51sm9558225oti.10 - gsmtp
>
> 12/31/2017 4:25:04 PM
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20180102/b58f535b/attachment-0001.html>


More information about the stunnel-users mailing list