Douglas, it worked! Thank you!
I had not turned on gmail's allow less secure apps, so my first try netted
this
2018.01.02 09:00:27 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform
2018.01.02 09:00:27 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips
2 Nov 2017
2018.01.02 09:00:27 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6
TLS:ENGINE,FIPS,OCSP,PSK,SNI
2018.01.02 09:00:27 LOG5[main]: Reading configuration from file stunnel.conf
2018.01.02 09:00:27 LOG5[main]: UTF-8 byte order mark not detected
2018.01.02 09:00:27 LOG5[main]: FIPS mode disabled
2018.01.02 09:00:27 LOG5[main]: Configuration successful
2018.01.02 09:03:09 LOG5[0]: Service [gmail-smtp] accepted connection from
127.0.0.1:1046
2018.01.02 09:03:09 LOG5[0]: s_connect: connected 173.194.78.108:587
2018.01.02 09:03:09 LOG5[0]: Service [gmail-smtp] connected remote server
from 192.168.1.103:1047
2018.01.02 09:03:09 LOG5[0]: OCSP: Connecting the AIA responder "
http://ocsp.pki.goog/gsr2"
2018.01.02 09:03:10 LOG5[0]: s_connect: connected 172.217.12.78:80
2018.01.02 09:03:10 LOG5[0]: OCSP: Certificate accepted
2018.01.02 09:03:10 LOG5[0]: OCSP: Connecting the AIA responder "
http://ocsp.pki.goog/GTSGIAG3"
2018.01.02 09:03:10 LOG5[0]: s_connect: connected 172.217.12.78:80
2018.01.02 09:03:10 LOG5[0]: OCSP: Certificate accepted
2018.01.02 09:03:10 LOG5[0]: Certificate accepted at depth=0: C=US,
ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com
2018.01.02 09:03:10 LOG3[0]: PLAIN Authentication Failed
2018.01.02 09:03:10 LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0
byte(s) sent to socket
my monitoring s/w showed
To = xxxxxx(a)gmail.com
Connecting to mail server... 127.0.0.1
E-mail Failed. Error: 25058 / [10057] Socket is not connected
1/2/2018 9:03:10 AM
there was a security alert from gmail with the instructions to enabling the
less secure apps. turned it on and tried again...
2018.01.02 09:17:45 LOG5[1]: Service [gmail-smtp] accepted connection from
127.0.0.1:1050
2018.01.02 09:17:45 LOG5[1]: s_connect: connected 173.194.78.109:587
2018.01.02 09:17:45 LOG5[1]: Service [gmail-smtp] connected remote server
from 192.168.1.103:1051
2018.01.02 09:17:47 LOG5[1]: Connection closed: 306 byte(s) sent to TLS,
508 byte(s) sent to socket
again, thank you!
On Tue, Jan 2, 2018 at 7:35 AM, Harris, Douglas (SSC/SPC) <
douglas.harris(a)canada.ca> wrote:
> Try this…
>
>
>
> [gmail-smtp]
>
> client = yes
>
> accept = 127.0.0.1:25
>
> connect = smtp.gmail.com:587 <http://smtp.gmail.com:465>
>
> verifyChain = yes
>
> CAfile = ca-certs.pem
>
> checkHost = smtp.gmail.com
>
> OCSPaia = yes
>
> protocol = smtp
>
> protocolUsername = [your gmail userid]
>
> protocolPassword = [your gmail password]
>
>
>
>
>
>
>
>
>
> *From:* stunnel-users [mailto:[email protected]] *On
> Behalf Of *Parker Brooks
> *Sent:* January 2, 2018 12:34 AM
> *To:* stunnel-users(a)stunnel.org
> *Subject:* [stunnel-users] outgoing mail solution?
>
>
>
> hello and happy new year!
>
>
>
> it seemed this question has been asked before in various ways, however
> with the frequent version updates i'm still unclear if stunnel is meant as
> a fix to my issue.
>
>
>
> i have a outdated home monitoring program running on a winxp box. when an
> error occurs it sends an email. it's setup screen (besides the destination
> email field) only have a) smtp server, b) undeliverable email address and
> c) port # fields to configure.
>
>
>
> my workaround for several years (when port 25 became blocked or needed
> authetication) has been to use LOApost but they've recently ceased. that
> program, also running in the background, and if i understand correctly
> acted as a local host. i configured the monitoring program's smtp for
> 127.0.0.1 and LOApost did the rest
>
>
>
> other searches suggest cloud solutions like sendgrid and authsmtp. but
> those sites need a login/ password with the outgoing message. perhaps this
> is where i'm getting confused between the differences of SSL and smtp
> authentication?
>
>
>
> i have gotten gsuite's restricted smtp server to work, but i hoped stunnel
> would provide a better solution (ability to send besides gmail/ gsuite
> addresses).
>
>
>
> below are my conf and log files of my attempt. again, i can't tell if i've
> missed a step, or if this is not intended to work.
>
>
>
> PS: i've also tried to understand if this feature is on the todo list?
>
> tia,
>
> parker
>
>
>
> stunnel.conf
>
>
>
> [gmail-pop3]
>
> client = yes
>
> accept = 127.0.0.1:110
>
> connect = pop.gmail.com:995
>
> verifyChain = yes
>
> CAfile = ca-certs.pem
>
> checkHost = pop.gmail.com
>
> OCSPaia = yes
>
>
>
> [gmail-imap]
>
> client = yes
>
> accept = 127.0.0.1:143
>
> connect = imap.gmail.com:993
>
> verifyChain = yes
>
> CAfile = ca-certs.pem
>
> checkHost = imap.gmail.com
>
> OCSPaia = yes
>
>
>
> [gmail-smtp]
>
> client = yes
>
> accept = 127.0.0.1:25
>
> connect = smtp.gmail.com:465
>
> verifyChain = yes
>
> CAfile = ca-certs.pem
>
> checkHost = smtp.gmail.com
>
> OCSPaia = yes
>
>
>
> log file
>
>
>
> 2017.12.31 16:22:45 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform
>
> 2017.12.31 16:22:45 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips
> 2 Nov 2017
>
> 2017.12.31 16:22:45 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6
> TLS:ENGINE,FIPS,OCSP,PSK,SNI
>
> 2017.12.31 16:22:45 LOG5[main]: Reading configuration from file
> stunnel.conf
>
> 2017.12.31 16:22:45 LOG5[main]: UTF-8 byte order mark not detected
>
> 2017.12.31 16:22:45 LOG5[main]: FIPS mode disabled
>
> 2017.12.31 16:22:45 LOG5[main]: Configuration successful
>
> 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] accepted connection from
> 127.0.0.1:1141
>
> 2017.12.31 16:25:03 LOG5[0]: s_connect: connected 173.194.67.108:465
>
> 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] connected remote server
> from 192.168.1.103:1142
>
> 2017.12.31 16:25:03 LOG5[0]: OCSP: Connecting the AIA responder "
> http://ocsp.pki.goog/gsr2"
>
> 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80
>
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted
>
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Connecting the AIA responder "
> http://ocsp.pki.goog/GTSGIAG3"
>
> 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80
>
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted
>
> 2017.12.31 16:25:04 LOG5[0]: Certificate accepted at depth=0: C=US,
> ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com
>
> 2017.12.31 16:25:04 LOG5[0]: Connection closed: 55 byte(s) sent to TLS,
> 514 byte(s) sent to socket
>
>
>
>
>
> and this is what shows up on my monitoring program log file...
>
>
>
> To = xxxxxx(a)gmail.com
>
> Connecting to mail server... 127.0.0.1
>
> Sending message...
>
> E-mail Failed. Error: 20162 / 530 5.5.1 https://support.google.com/
> mail/?p=WantAuthError 51sm9558225oti.10 - gsmtp
>
> 12/31/2017 4:25:04 PM
>
Cool! I was not aware that stunnel fully supported SMTP authentication.
Thanks Parker!
Saludos
Jose Alfredo Diaz
> On Jan 2, 2018, at 8:35 AM, Harris, Douglas (SSC/SPC) <douglas.harris(a)canada.ca> wrote:
>
> Try this…
>
> [gmail-smtp]
> client = yes
> accept = 127.0.0.1:25
> connect = smtp.gmail.com:587
> verifyChain = yes
> CAfile = ca-certs.pem
> checkHost = smtp.gmail.com
> OCSPaia = yes
> protocol = smtp
> protocolUsername = [your gmail userid]
> protocolPassword = [your gmail password]
>
>
>
>
> From: stunnel-users [mailto:[email protected]] On Behalf Of Parker Brooks
> Sent: January 2, 2018 12:34 AM
> To: stunnel-users(a)stunnel.org
> Subject: [stunnel-users] outgoing mail solution?
>
> hello and happy new year!
>
> it seemed this question has been asked before in various ways, however with the frequent version updates i'm still unclear if stunnel is meant as a fix to my issue.
>
> i have a outdated home monitoring program running on a winxp box. when an error occurs it sends an email. it's setup screen (besides the destination email field) only have a) smtp server, b) undeliverable email address and c) port # fields to configure.
>
> my workaround for several years (when port 25 became blocked or needed authetication) has been to use LOApost but they've recently ceased. that program, also running in the background, and if i understand correctly acted as a local host. i configured the monitoring program's smtp for 127.0.0.1 and LOApost did the rest
>
> other searches suggest cloud solutions like sendgrid and authsmtp. but those sites need a login/ password with the outgoing message. perhaps this is where i'm getting confused between the differences of SSL and smtp authentication?
>
> i have gotten gsuite's restricted smtp server to work, but i hoped stunnel would provide a better solution (ability to send besides gmail/ gsuite addresses).
>
> below are my conf and log files of my attempt. again, i can't tell if i've missed a step, or if this is not intended to work.
>
> PS: i've also tried to understand if this feature is on the todo list?
> tia,
> parker
>
> stunnel.conf
>
> [gmail-pop3]
> client = yes
> accept = 127.0.0.1:110
> connect = pop.gmail.com:995
> verifyChain = yes
> CAfile = ca-certs.pem
> checkHost = pop.gmail.com
> OCSPaia = yes
>
> [gmail-imap]
> client = yes
> accept = 127.0.0.1:143
> connect = imap.gmail.com:993
> verifyChain = yes
> CAfile = ca-certs.pem
> checkHost = imap.gmail.com
> OCSPaia = yes
>
> [gmail-smtp]
> client = yes
> accept = 127.0.0.1:25
> connect = smtp.gmail.com:465
> verifyChain = yes
> CAfile = ca-certs.pem
> checkHost = smtp.gmail.com
> OCSPaia = yes
>
> log file
>
> 2017.12.31 16:22:45 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform
> 2017.12.31 16:22:45 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips 2 Nov 2017
> 2017.12.31 16:22:45 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
> 2017.12.31 16:22:45 LOG5[main]: Reading configuration from file stunnel.conf
> 2017.12.31 16:22:45 LOG5[main]: UTF-8 byte order mark not detected
> 2017.12.31 16:22:45 LOG5[main]: FIPS mode disabled
> 2017.12.31 16:22:45 LOG5[main]: Configuration successful
> 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] accepted connection from 127.0.0.1:1141
> 2017.12.31 16:25:03 LOG5[0]: s_connect: connected 173.194.67.108:465
> 2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] connected remote server from 192.168.1.103:1142
> 2017.12.31 16:25:03 LOG5[0]: OCSP: Connecting the AIA responder "http://ocsp.pki.goog/gsr2"
> 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Connecting the AIA responder "http://ocsp.pki.goog/GTSGIAG3"
> 2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80
> 2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted
> 2017.12.31 16:25:04 LOG5[0]: Certificate accepted at depth=0: C=US, ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com
> 2017.12.31 16:25:04 LOG5[0]: Connection closed: 55 byte(s) sent to TLS, 514 byte(s) sent to socket
>
>
> and this is what shows up on my monitoring program log file...
>
> To = xxxxxx(a)gmail.com
> Connecting to mail server... 127.0.0.1
> Sending message...
> E-mail Failed. Error: 20162 / 530 5.5.1 https://support.google.com/mail/?p=WantAuthError 51sm9558225oti.10 - gsmtp
> 12/31/2017 4:25:04 PM
> _______________________________________________
> stunnel-users mailing list
> stunnel-users(a)stunnel.org
> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
hello and happy new year!
it seemed this question has been asked before in various ways, however with
the frequent version updates i'm still unclear if stunnel is meant as a fix
to my issue.
i have a outdated home monitoring program running on a winxp box. when an
error occurs it sends an email. it's setup screen (besides the destination
email field) only have a) smtp server, b) undeliverable email address and
c) port # fields to configure.
my workaround for several years (when port 25 became blocked or needed
authetication) has been to use LOApost but they've recently ceased. that
program, also running in the background, and if i understand correctly
acted as a local host. i configured the monitoring program's smtp for
127.0.0.1 and LOApost did the rest
other searches suggest cloud solutions like sendgrid and authsmtp. but
those sites need a login/ password with the outgoing message. perhaps this
is where i'm getting confused between the differences of SSL and smtp
authentication?
i have gotten gsuite's restricted smtp server to work, but i hoped stunnel
would provide a better solution (ability to send besides gmail/ gsuite
addresses).
below are my conf and log files of my attempt. again, i can't tell if i've
missed a step, or if this is not intended to work.
PS: i've also tried to understand if this feature is on the todo list?
tia,
parker
stunnel.conf
[gmail-pop3]
client = yes
accept = 127.0.0.1:110
connect = pop.gmail.com:995
verifyChain = yes
CAfile = ca-certs.pem
checkHost = pop.gmail.com
OCSPaia = yes
[gmail-imap]
client = yes
accept = 127.0.0.1:143
connect = imap.gmail.com:993
verifyChain = yes
CAfile = ca-certs.pem
checkHost = imap.gmail.com
OCSPaia = yes
[gmail-smtp]
client = yes
accept = 127.0.0.1:25
connect = smtp.gmail.com:465
verifyChain = yes
CAfile = ca-certs.pem
checkHost = smtp.gmail.com
OCSPaia = yes
log file
2017.12.31 16:22:45 LOG5[main]: stunnel 5.44 on x86-pc-msvc-1500 platform
2017.12.31 16:22:45 LOG5[main]: Compiled/running with OpenSSL 1.0.2m-fips
2 Nov 2017
2017.12.31 16:22:45 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6
TLS:ENGINE,FIPS,OCSP,PSK,SNI
2017.12.31 16:22:45 LOG5[main]: Reading configuration from file stunnel.conf
2017.12.31 16:22:45 LOG5[main]: UTF-8 byte order mark not detected
2017.12.31 16:22:45 LOG5[main]: FIPS mode disabled
2017.12.31 16:22:45 LOG5[main]: Configuration successful
2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] accepted connection from
127.0.0.1:1141
2017.12.31 16:25:03 LOG5[0]: s_connect: connected 173.194.67.108:465
2017.12.31 16:25:03 LOG5[0]: Service [gmail-smtp] connected remote server
from 192.168.1.103:1142
2017.12.31 16:25:03 LOG5[0]: OCSP: Connecting the AIA responder "
http://ocsp.pki.goog/gsr2"
2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80
2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted
2017.12.31 16:25:04 LOG5[0]: OCSP: Connecting the AIA responder "
http://ocsp.pki.goog/GTSGIAG3"
2017.12.31 16:25:04 LOG5[0]: s_connect: connected 172.217.14.174:80
2017.12.31 16:25:04 LOG5[0]: OCSP: Certificate accepted
2017.12.31 16:25:04 LOG5[0]: Certificate accepted at depth=0: C=US,
ST=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com
2017.12.31 16:25:04 LOG5[0]: Connection closed: 55 byte(s) sent to TLS, 514
byte(s) sent to socket
and this is what shows up on my monitoring program log file...
To = xxxxxx(a)gmail.com
Connecting to mail server... 127.0.0.1
Sending message...
E-mail Failed. Error: 20162 / 530 5.5.1 https://support.google.com/
mail/?p=WantAuthError 51sm9558225oti.10 - gsmtp
12/31/2017 4:25:04 PM