In these days, our provider Ionos/1&1 starts to accept only encrypted access to its mail server and at least TLS 1.2.
There are no problems with incoming mails. In order to be on the safe side with our Win SBS Server 2008 (no comments please!) with outgoing mails, I now have interposed stunnel as recommended many times on the web. This works in principle. Unfortunate exception: In some cases - expecially if the mail recipient has a Microsoft address like @hotmail.de, @live.de, @outlook.com -, sending aborts with error 503 5.5.2 ("Need mail command").
Unfortunately, I'm quite innocent with SMTP, SSL and certificates, but worked hard to create the following stunnel configuration file:
socket = l:TCP_NODELAY=0
socket = r:TCP_NODELAY=0
client = yes
output = C:\Program Files (x86)\stunnel\stunnel.log
[smtpionos]
accept = localhost:465
connect = smtp.ionos.de:465
verifyChain = yes
verifyPeer = yes
CAfile = C:\Program Files (x86)\stunnel\config\amakor2022.pem
checkHost = remote.management-kommunikation.de
protocolHost = smtp.ionos.de
protocolAuthentication = login
protocolUsername = OUR_USERNAME
protocolPassword = OUR_PASSWORD
sslVersionMin = TLSv1.2
sslVersionMax = TLSv1.2
delay = yes
protocol = smtp
amakor2022.pem is the "PositiveSSL" certificate that we acquired for our subdomain remote.management-kommunikation.de. "Our_Username" and "Our_Password" are of course our correct access data.
After spending hours searching the web for a solution, does anyone have a tip what's wrong and what to do?