
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Aerowinder, The protocolUsername and protocolPassword options are currently only supported with the "connect" protocol. There are plans to also support them in the "smtp" protocol, but this feature is not implemented yet. Best regards, Mike On 15.10.2015 17:03, Aerowinder wrote:
Greetings,
Running stunnel 5.25 latest beta (2015-10-15), but also had the same issues on 5.24 final.
My config file looks like this:
debug = debug output = xxxxx client = yes cert = stunnel.pem
[outlook-smtp] accept = 127.0.0.1:25 connect = smtp-mail.outlook.com:587 protocol = smtp ;protocolUsername = xxxx ;protocolPassword = xxxx CAfile = ca-certs.pem checkHost = smtp-mail.outlook.com OCSPaia = yes verify = 2
I am testing functionality to make sure that I am able to send mail with my Outlook.com address. I currently have User/Pass field commented out, but I've tried with them not commented out, and the actual values instead of "xxxx" (the app I'm using has fields for username and password).
My log:
2015.10.15 11:01:24 LOG7[cron]: Cron started 2015.10.15 11:01:24 LOG7[main]: No limit detected for the number of clients 2015.10.15 11:01:24 LOG5[main]: stunnel 5.25 on x86-pc-msvc-1500 platform 2015.10.15 11:01:24 LOG5[main]: Compiled/running with OpenSSL 1.0.2d-fips 9 Jul 2015 2015.10.15 11:01:24 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI 2015.10.15 11:01:24 LOG7[main]: errno: (*_errno()) 2015.10.15 11:01:24 LOG7[ui]: GUI message loop initialized 2015.10.15 11:01:24 LOG5[main]: Reading configuration from file stunnel.conf 2015.10.15 11:01:24 LOG5[main]: UTF-8 byte order mark detected 2015.10.15 11:01:24 LOG5[main]: FIPS mode disabled 2015.10.15 11:01:24 LOG7[main]: Compression disabled 2015.10.15 11:01:24 LOG7[main]: PRNG seeded successfully 2015.10.15 11:01:24 LOG6[main]: Initializing service [outlook-smtp] 2015.10.15 11:01:24 LOG6[main]: Loading certificate from file: stunnel.pem 2015.10.15 11:01:24 LOG6[main]: Loading key from file: stunnel.pem 2015.10.15 11:01:24 LOG7[main]: Private key check succeeded 2015.10.15 11:01:24 LOG7[main]: SSL options: 0x03000004 (+0x03000000, -0x00000000) 2015.10.15 11:01:24 LOG5[main]: Configuration successful 2015.10.15 11:01:24 LOG7[main]: Listening file descriptor created (FD=652) 2015.10.15 11:01:24 LOG7[main]: Service [outlook-smtp] (FD=652) bound to 127.0.0.1:25 2015.10.15 11:01:31 LOG7[main]: Found 1 ready file descriptor(s) 2015.10.15 11:01:31 LOG7[main]: FD=408 ifds=r-x ofds=--- 2015.10.15 11:01:31 LOG7[main]: Service [outlook-smtp] accepted (FD=692) from 127.0.0.1:58065 2015.10.15 11:01:31 LOG7[main]: Creating a new thread 2015.10.15 11:01:31 LOG7[main]: New thread created 2015.10.15 11:01:31 LOG7[0]: Service [outlook-smtp] started 2015.10.15 11:01:31 LOG5[0]: Service [outlook-smtp] accepted connection from 127.0.0.1:58065 2015.10.15 11:01:31 LOG6[0]: s_connect: connecting 65.55.176.126:587 2015.10.15 11:01:31 LOG7[0]: s_connect: s_poll_wait 65.55.176.126:587: waiting 10 seconds 2015.10.15 11:01:31 LOG5[0]: s_connect: connected 65.55.176.126:587 2015.10.15 11:01:31 LOG5[0]: Service [outlook-smtp] connected remote server from 172.26.1.51:58066 2015.10.15 11:01:31 LOG7[0]: Remote descriptor (FD=704) initialized 2015.10.15 11:01:31 LOG7[0]: <- 220 BLU436-SMTP245.smtp.hotmail.com Microsoft ESMTP MAIL Service, Version: 8.0.9200.16384 ready at Thu, 15 Oct 2015 08:01:34 -0700 2015.10.15 11:01:31 LOG7[0]: -> 220 BLU436-SMTP245.smtp.hotmail.com Microsoft ESMTP MAIL Service, Version: 8.0.9200.16384 ready at Thu, 15 Oct 2015 08:01:34 -0700 2015.10.15 11:01:31 LOG7[0]: -> EHLO localhost 2015.10.15 11:01:31 LOG7[0]: <- 250-BLU436-SMTP245.smtp.hotmail.com Hello [70.90.151.129] 2015.10.15 11:01:31 LOG7[0]: <- 250-TURN 2015.10.15 11:01:31 LOG7[0]: <- 250-SIZE 41943040 2015.10.15 11:01:31 LOG7[0]: <- 250-ETRN 2015.10.15 11:01:31 LOG7[0]: <- 250-PIPELINING 2015.10.15 11:01:31 LOG7[0]: <- 250-DSN 2015.10.15 11:01:31 LOG7[0]: <- 250-ENHANCEDSTATUSCODES 2015.10.15 11:01:31 LOG7[0]: <- 250-8bitmime 2015.10.15 11:01:31 LOG7[0]: <- 250-BINARYMIME 2015.10.15 11:01:31 LOG7[0]: <- 250-CHUNKING 2015.10.15 11:01:31 LOG7[0]: <- 250-VRFY 2015.10.15 11:01:31 LOG7[0]: <- 250-TLS 2015.10.15 11:01:31 LOG7[0]: <- 250-STARTTLS 2015.10.15 11:01:31 LOG7[0]: <- 250 OK 2015.10.15 11:01:31 LOG7[0]: -> STARTTLS 2015.10.15 11:01:31 LOG7[0]: <- 220 2.0.0 SMTP server ready 2015.10.15 11:01:31 LOG6[0]: SNI: sending servername: smtp-mail.outlook.com 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): before/connect initialization 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv2/v3 write client hello A 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 read server hello A 2015.10.15 11:01:31 LOG7[0]: Verification started at depth=2: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA 2015.10.15 11:01:31 LOG7[0]: CERT: Pre-verification succeeded 2015.10.15 11:01:31 LOG7[0]: OCSP: Ignoring root certificate 2015.10.15 11:01:31 LOG6[0]: Certificate accepted at depth=2: C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA 2015.10.15 11:01:31 LOG7[0]: Verification started at depth=1: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - G2 2015.10.15 11:01:31 LOG7[0]: CERT: Pre-verification succeeded 2015.10.15 11:01:31 LOG5[0]: OCSP: Connecting the AIA responder "http://ocsp.globalsign.com/rootr1" 2015.10.15 11:01:31 LOG6[0]: s_connect: connecting 108.162.232.204:80 2015.10.15 11:01:31 LOG7[0]: s_connect: s_poll_wait 108.162.232.204:80: waiting 10 seconds 2015.10.15 11:01:31 LOG5[0]: s_connect: connected 108.162.232.204:80 2015.10.15 11:01:31 LOG7[0]: OCSP: Connected ocsp.globalsign.com:80 2015.10.15 11:01:31 LOG7[0]: OCSP: Response received 2015.10.15 11:01:31 LOG6[0]: OCSP: Status: good 2015.10.15 11:01:31 LOG6[0]: OCSP: This update: Oct 15 10:27:35 2015 GMT 2015.10.15 11:01:31 LOG6[0]: OCSP: Next update: Oct 19 10:27:35 2015 GMT 2015.10.15 11:01:31 LOG5[0]: OCSP: Certificate accepted 2015.10.15 11:01:31 LOG6[0]: Certificate accepted at depth=1: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - G2 2015.10.15 11:01:31 LOG7[0]: Verification started at depth=0: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=*.hotmail.com 2015.10.15 11:01:31 LOG7[0]: CERT: Pre-verification succeeded 2015.10.15 11:01:31 LOG6[0]: CERT: Host name "smtp-mail.outlook.com" matched with "*.outlook.com" 2015.10.15 11:01:31 LOG5[0]: OCSP: Connecting the AIA responder "http://ocsp2.globalsign.com/gsorganizationvalg2" 2015.10.15 11:01:31 LOG6[0]: s_connect: connecting 108.162.232.196:80 2015.10.15 11:01:31 LOG7[0]: s_connect: s_poll_wait 108.162.232.196:80: waiting 10 seconds 2015.10.15 11:01:31 LOG5[0]: s_connect: connected 108.162.232.196:80 2015.10.15 11:01:31 LOG7[0]: OCSP: Connected ocsp2.globalsign.com:80 2015.10.15 11:01:31 LOG7[0]: OCSP: Response received 2015.10.15 11:01:31 LOG6[0]: OCSP: Status: good 2015.10.15 11:01:31 LOG6[0]: OCSP: This update: Oct 15 08:26:15 2015 GMT 2015.10.15 11:01:31 LOG6[0]: OCSP: Next update: Oct 16 08:26:15 2015 GMT 2015.10.15 11:01:31 LOG5[0]: OCSP: Certificate accepted 2015.10.15 11:01:31 LOG5[0]: Certificate accepted at depth=0: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=*.hotmail.com 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 read server certificate A 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 read server key exchange A 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 read server done A 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 write client key exchange A 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 write change cipher spec A 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 write finished A 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 flush data 2015.10.15 11:01:31 LOG7[0]: SSL state (connect): SSLv3 read finished A 2015.10.15 11:01:31 LOG7[0]: 1 client connect(s) requested 2015.10.15 11:01:31 LOG7[0]: 1 client connect(s) succeeded 2015.10.15 11:01:31 LOG7[0]: 0 client renegotiation(s) requested 2015.10.15 11:01:31 LOG7[0]: 0 session reuse(s) 2015.10.15 11:01:31 LOG6[0]: SSL connected: new session negotiated 2015.10.15 11:01:31 LOG7[0]: Peer certificate was cached (3461 bytes) 2015.10.15 11:01:31 LOG6[0]: Negotiated TLSv1.2 ciphersuite ECDHE-RSA-AES256-SHA384 (256-bit encryption) 2015.10.15 11:01:31 LOG7[0]: Compression: null, expansion: null 2015.10.15 11:01:31 LOG6[0]: SSL socket closed (SSL_read) 2015.10.15 11:01:31 LOG7[0]: Sent socket write shutdown 2015.10.15 11:01:31 LOG5[0]: Connection closed: 139 byte(s) sent to SSL, 351 byte(s) sent to socket 2015.10.15 11:01:31 LOG7[0]: Remote descriptor (FD=704) closed 2015.10.15 11:01:31 LOG7[0]: Local descriptor (FD=692) closed 2015.10.15 11:01:31 LOG7[0]: Service [outlook-smtp] finished (0 left)
I don't see any errors in the log, but Outlook is reporting an incorrect password on the security section of my Microsoft Account. More specifically, I'm seeing error 5.7.3: Requested action aborted, user not authenticated," I know the password works because I set it up as an account in Outlook 2010 and tested sending the email. It works great. I am using 2FA with an app-specific password. But I have also tried without 2FA. I am 100% certain the account name [email protected] and the password are correct. As far as the config file goes, I've tried just about everything I could find on Google. Nothing works, always the same error message.
I also experienced similar failures with Gmail.
Any ideas? _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWH8J2AAoJEC78f/DUFuAUB5IP/0AuWw5AeC3L04F5NTeaNGWf fIiy5++hYmwkjkwHLm03HfK4zi6JckYAj4VHltWvANBcSnKzP94uzauaHTBRB/Mp I23twqYa95NSKbhznQscEFGwgaBqG+IvcUAo480Ih/uEEAvuHECiliEiLLVy80VG W80LwbTMaoIXB89yUeUVZUAPnKNkK3hl9XHfZQrrvNXK5tvFhmVCdQB9Bal3l6wS iw6hzLuXSKJwEh0jN9ujqgRKrzziJuon/6N95PkQlECgM/Uw3N5fJo0FmDm0qfDp 34U7QWYSTQsq/VZBydBixqK1OuYEZVvblgBGAG+a38XYlUa44Dw/EuamKOAYm00Q nkG81SPg7wjXtpGt35HoNPromHwRDqWEhOLAyLUlVh8oioI0Wd1gkHIiVTgymsdQ /YpB9vo/yj5C2YMOhpgetFPgqU0nqfGxdZ9V760aO90ZO5uHpgqjuHl3/+jkCbm+ BIJ3Bv1Ub9tmAoKJXuRPmWU7Yza2As1EInr7X4SPUpk6HGog8BhTnhMgbF5n6hmu rGncDhnK0A9V8IKnQANU1qMPpxJQkur1jCC8lmgrDSn6XbNVl2K5eMiJP8NK1jJ7 3n9b1kDzYf+2ucI+PiA5Q4pE9VY4LydBUgvJyqPtpZAYC6gR+aluv6sN7XnLzRL9 4sUFUo2m7ZprKU0HMIAH =oima -----END PGP SIGNATURE-----