stunnel-users January 2018

13 participants
23 discussions

Re: [stunnel-users] outgoing mail solution?
by Parker Brooks 02 Jan '18

02 Jan '18

Douglas, it worked! Thank you! I had not turned on gmail's allow less secure apps, so my first try netted this 2018.01.02 09:00:27 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform 2018.01.02 09:00:27 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips 2 Nov 2017 2018.01.02 09:00:27 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI 2018.01.02 09:00:27 LOG5[main]: Reading configuration from file stunnel.conf 2018.01.02 09:00:27 LOG5[main]: UTF-8 byte order mark not detected 2018.01.02 09:00:27 LOG5[main]: FIPS mode disabled 2018.01.02 09:00:27 LOG5[main]: Configuration successful 2018.01.02 09:03:09 LOG5[0]: Service [gmail-smtp] accepted connection from 127.0.0.1:1046 2018.01.02 09:03:09 LOG5[0]: s_connect: connected 173.194.78.108:587 2018.01.02 09:03:09 LOG5[0]: Service [gmail-smtp] connected remote server from 192.168.1.103:1047 2018.01.02 09:03:09 LOG5[0]: OCSP: Connecting the AIA responder " http://ocsp.pki.goog/gsr2" 2018.01.02 09:03:10 LOG5[0]: s_connect: connected 172.217.12.78:80 2018.01.02 09:03:10 LOG5[0]: OCSP: Certificate accepted 2018.01.02 09:03:10 LOG5[0]: OCSP: Connecting the AIA responder " http://ocsp.pki.goog/GTSGIAG3" 2018.01.02 09:03:10 LOG5[0]: s_connect: connected 172.217.12.78:80 2018.01.02 09:03:10 LOG5[0]: OCSP: Certificate accepted 2018.01.02 09:03:10 LOG5[0]: Certificate accepted at depth=0: C=US, ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com 2018.01.02 09:03:10 LOG3[0]: PLAIN Authentication Failed 2018.01.02 09:03:10 LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket my monitoring s/w showed To = xxxxxx(a)gmail.com Connecting to mail server... 127.0.0.1 E-mail Failed. Error: 25058 / [10057] Socket is not connected 1/2/2018 9:03:10 AM there was a security alert from gmail with the instructions to enabling the less secure apps. turned it on and tried again... 2018.01.02 09:17:45 LOG5[1]: Service [gmail-smtp] accepted connection from 127.0.0.1:1050 2018.01.02 09:17:45 LOG5[1]: s_connect: connected 173.194.78.109:587 2018.01.02 09:17:45 LOG5[1]: Service [gmail-smtp] connected remote server from 192.168.1.103:1051 2018.01.02 09:17:47 LOG5[1]: Connection closed: 306 byte(s) sent to TLS, 508 byte(s) sent to socket again, thank you! On Tue, Jan 2, 2018 at 7:35 AM, Harris, Douglas (SSC/SPC) < douglas.harris(a)canada.ca> wrote: > Try this… > > > > [gmail-smtp] > > client = yes > > accept = 127.0.0.1:25 > > connect = smtp.gmail.com:587 <http://smtp.gmail.com:465> > > verifyChain = yes > > CAfile = ca-certs.pem > > checkHost = smtp.gmail.com > > OCSPaia = yes > > protocol = smtp > > protocolUsername = [your gmail userid] > > protocolPassword = [your gmail password] > > > > > > > > > > *From:* stunnel-users [mailto:[email protected]] *On > Behalf Of *Parker Brooks > *Sent:* January 2, 2018 12:34 AM > *To:* stunnel-users(a)stunnel.org > *Subject:* [stunnel-users] outgoing mail solution? > > > > hello and happy new year! > > > > it seemed this question has been asked before in various ways, however > with the frequent version updates i'm still unclear if stunnel is meant as > a fix to my issue. > > > > i have a outdated home monitoring program running on a winxp box. when an > error occurs it sends an email. it's setup screen (besides the destination > email field) only have a) smtp server, b) undeliverable email address and > c) port # fields to configure. > > > > my workaround for several years (when port 25 became blocked or needed > authetication) has been to use LOApost but they've recently ceased. that > program, also running in the background, and if i understand correctly > acted as a local host. i configured the monitoring program's smtp for > 127.0.0.1 and LOApost did the rest > > > > other searches suggest cloud solutions like sendgrid and authsmtp. but > those sites need a login/ password with the outgoing message. perhaps this > is where i'm getting confused between the differences of SSL and smtp > authentication? > > > > i have gotten gsuite's restricted smtp server to work, but i hoped stunnel > would provide a better solution (ability to send besides gmail/ gsuite > addresses). > > > > below are my conf and log files of my attempt. again, i can't tell if i've > missed a step, or if this is not intended to work. > > > > PS: i've also tried to understand if this feature is on the todo list? > > tia, > > parker > > > > stunnel.conf > > > > [gmail-pop3] > > client = yes > > accept = 127.0.0.1:110 > > connect = pop.gmail.com:995 > > verifyChain = yes > > CAfile = ca-certs.pem > > checkHost = pop.gmail.com > > OCSPaia = yes > > > > [gmail-imap] > > client = yes > > accept = 127.0.0.1:143 > > connect = imap.gmail.com:993 > > verifyChain = yes > > CAfile = ca-certs.pem > > checkHost = imap.gmail.com > > OCSPaia = yes > > > > [gmail-smtp] > > client = yes > > accept = 127.0.0.1:25 > > connect = smtp.gmail.com:465 > > verifyChain = yes > > CAfile = ca-certs.pem > > checkHost = smtp.gmail.com > > OCSPaia = yes > > > > log file > > > > 2017.12.31 16:22:45 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform > > 2017.12.31 16:22:45 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips > 2 Nov 2017 > > 2017.12.31 16:22:45 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 > TLS:ENGINE,FIPS,OCSP,PSK,SNI > > 2017.12.31 16:22:45 LOG5[main]: Reading configuration from file > stunnel.conf > > 2017.12.31 16:22:45 LOG5[main]: UTF-8 byte order mark not detected > > 2017.12.31 16:22:45 LOG5[main]: FIPS mode disabled > > 2017.12.31 16:22:45 LOG5[main]: Configuration successful > > 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] accepted connection from > 127.0.0.1:1141 > > 2017.12.31 16:25:03 LOG5[0]: s_connect: connected 173.194.67.108:465 > > 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] connected remote server > from 192.168.1.103:1142 > > 2017.12.31 16:25:03 LOG5[0]: OCSP: Connecting the AIA responder " > http://ocsp.pki.goog/gsr2" > > 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80 > > 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted > > 2017.12.31 16:25:04 LOG5[0]: OCSP: Connecting the AIA responder " > http://ocsp.pki.goog/GTSGIAG3" > > 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80 > > 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted > > 2017.12.31 16:25:04 LOG5[0]: Certificate accepted at depth=0: C=US, > ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com > > 2017.12.31 16:25:04 LOG5[0]: Connection closed: 55 byte(s) sent to TLS, > 514 byte(s) sent to socket > > > > > > and this is what shows up on my monitoring program log file... > > > > To = xxxxxx(a)gmail.com > > Connecting to mail server... 127.0.0.1 > > Sending message... > > E-mail Failed. Error: 20162 / 530 5.5.1 https://support.google.com/ > mail/?p=WantAuthError 51sm9558225oti.10 - gsmtp > > 12/31/2017 4:25:04 PM >

1 0

Re: [stunnel-users] outgoing mail solution?
by Josealf.rm 02 Jan '18

02 Jan '18

Cool! I was not aware that stunnel fully supported SMTP authentication. Thanks Parker! Saludos Jose Alfredo Diaz > On Jan 2, 2018, at 8:35 AM, Harris, Douglas (SSC/SPC) <douglas.harris(a)canada.ca> wrote: > > Try this… > > [gmail-smtp] > client = yes > accept = 127.0.0.1:25 > connect = smtp.gmail.com:587 > verifyChain = yes > CAfile = ca-certs.pem > checkHost = smtp.gmail.com > OCSPaia = yes > protocol = smtp > protocolUsername = [your gmail userid] > protocolPassword = [your gmail password] > > > > > From: stunnel-users [mailto:[email protected]] On Behalf Of Parker Brooks > Sent: January 2, 2018 12:34 AM > To: stunnel-users(a)stunnel.org > Subject: [stunnel-users] outgoing mail solution? > > hello and happy new year! > > it seemed this question has been asked before in various ways, however with the frequent version updates i'm still unclear if stunnel is meant as a fix to my issue. > > i have a outdated home monitoring program running on a winxp box. when an error occurs it sends an email. it's setup screen (besides the destination email field) only have a) smtp server, b) undeliverable email address and c) port # fields to configure. > > my workaround for several years (when port 25 became blocked or needed authetication) has been to use LOApost but they've recently ceased. that program, also running in the background, and if i understand correctly acted as a local host. i configured the monitoring program's smtp for 127.0.0.1 and LOApost did the rest > > other searches suggest cloud solutions like sendgrid and authsmtp. but those sites need a login/ password with the outgoing message. perhaps this is where i'm getting confused between the differences of SSL and smtp authentication? > > i have gotten gsuite's restricted smtp server to work, but i hoped stunnel would provide a better solution (ability to send besides gmail/ gsuite addresses). > > below are my conf and log files of my attempt. again, i can't tell if i've missed a step, or if this is not intended to work. > > PS: i've also tried to understand if this feature is on the todo list? > tia, > parker > > stunnel.conf > > [gmail-pop3] > client = yes > accept = 127.0.0.1:110 > connect = pop.gmail.com:995 > verifyChain = yes > CAfile = ca-certs.pem > checkHost = pop.gmail.com > OCSPaia = yes > > [gmail-imap] > client = yes > accept = 127.0.0.1:143 > connect = imap.gmail.com:993 > verifyChain = yes > CAfile = ca-certs.pem > checkHost = imap.gmail.com > OCSPaia = yes > > [gmail-smtp] > client = yes > accept = 127.0.0.1:25 > connect = smtp.gmail.com:465 > verifyChain = yes > CAfile = ca-certs.pem > checkHost = smtp.gmail.com > OCSPaia = yes > > log file > > 2017.12.31 16:22:45 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform > 2017.12.31 16:22:45 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips 2 Nov 2017 > 2017.12.31 16:22:45 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI > 2017.12.31 16:22:45 LOG5[main]: Reading configuration from file stunnel.conf > 2017.12.31 16:22:45 LOG5[main]: UTF-8 byte order mark not detected > 2017.12.31 16:22:45 LOG5[main]: FIPS mode disabled > 2017.12.31 16:22:45 LOG5[main]: Configuration successful > 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] accepted connection from 127.0.0.1:1141 > 2017.12.31 16:25:03 LOG5[0]: s_connect: connected 173.194.67.108:465 > 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] connected remote server from 192.168.1.103:1142 > 2017.12.31 16:25:03 LOG5[0]: OCSP: Connecting the AIA responder "http://ocsp.pki.goog/gsr2" > 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80 > 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted > 2017.12.31 16:25:04 LOG5[0]: OCSP: Connecting the AIA responder "http://ocsp.pki.goog/GTSGIAG3" > 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80 > 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted > 2017.12.31 16:25:04 LOG5[0]: Certificate accepted at depth=0: C=US, ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com > 2017.12.31 16:25:04 LOG5[0]: Connection closed: 55 byte(s) sent to TLS, 514 byte(s) sent to socket > > > and this is what shows up on my monitoring program log file... > > To = xxxxxx(a)gmail.com > Connecting to mail server... 127.0.0.1 > Sending message... > E-mail Failed. Error: 20162 / 530 5.5.1 https://support.google.com/mail/?p=WantAuthError 51sm9558225oti.10 - gsmtp > 12/31/2017 4:25:04 PM > _______________________________________________ > stunnel-users mailing list > stunnel-users(a)stunnel.org > https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users

1 0

outgoing mail solution?
by Parker Brooks 02 Jan '18

02 Jan '18

hello and happy new year! it seemed this question has been asked before in various ways, however with the frequent version updates i'm still unclear if stunnel is meant as a fix to my issue. i have a outdated home monitoring program running on a winxp box. when an error occurs it sends an email. it's setup screen (besides the destination email field) only have a) smtp server, b) undeliverable email address and c) port # fields to configure. my workaround for several years (when port 25 became blocked or needed authetication) has been to use LOApost but they've recently ceased. that program, also running in the background, and if i understand correctly acted as a local host. i configured the monitoring program's smtp for 127.0.0.1 and LOApost did the rest other searches suggest cloud solutions like sendgrid and authsmtp. but those sites need a login/ password with the outgoing message. perhaps this is where i'm getting confused between the differences of SSL and smtp authentication? i have gotten gsuite's restricted smtp server to work, but i hoped stunnel would provide a better solution (ability to send besides gmail/ gsuite addresses). below are my conf and log files of my attempt. again, i can't tell if i've missed a step, or if this is not intended to work. PS: i've also tried to understand if this feature is on the todo list? tia, parker stunnel.conf [gmail-pop3] client = yes accept = 127.0.0.1:110 connect = pop.gmail.com:995 verifyChain = yes CAfile = ca-certs.pem checkHost = pop.gmail.com OCSPaia = yes [gmail-imap] client = yes accept = 127.0.0.1:143 connect = imap.gmail.com:993 verifyChain = yes CAfile = ca-certs.pem checkHost = imap.gmail.com OCSPaia = yes [gmail-smtp] client = yes accept = 127.0.0.1:25 connect = smtp.gmail.com:465 verifyChain = yes CAfile = ca-certs.pem checkHost = smtp.gmail.com OCSPaia = yes log file 2017.12.31 16:22:45 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform 2017.12.31 16:22:45 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips 2 Nov 2017 2017.12.31 16:22:45 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI 2017.12.31 16:22:45 LOG5[main]: Reading configuration from file stunnel.conf 2017.12.31 16:22:45 LOG5[main]: UTF-8 byte order mark not detected 2017.12.31 16:22:45 LOG5[main]: FIPS mode disabled 2017.12.31 16:22:45 LOG5[main]: Configuration successful 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] accepted connection from 127.0.0.1:1141 2017.12.31 16:25:03 LOG5[0]: s_connect: connected 173.194.67.108:465 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] connected remote server from 192.168.1.103:1142 2017.12.31 16:25:03 LOG5[0]: OCSP: Connecting the AIA responder " http://ocsp.pki.goog/gsr2" 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted 2017.12.31 16:25:04 LOG5[0]: OCSP: Connecting the AIA responder " http://ocsp.pki.goog/GTSGIAG3" 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted 2017.12.31 16:25:04 LOG5[0]: Certificate accepted at depth=0: C=US, ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com 2017.12.31 16:25:04 LOG5[0]: Connection closed: 55 byte(s) sent to TLS, 514 byte(s) sent to socket and this is what shows up on my monitoring program log file... To = xxxxxx(a)gmail.com Connecting to mail server... 127.0.0.1 Sending message... E-mail Failed. Error: 20162 / 530 5.5.1 https://support.google.com/ mail/?p=WantAuthError 51sm9558225oti.10 - gsmtp 12/31/2017 4:25:04 PM

3 2

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

stunnel-users January 2018