[stunnel-users] Stunnel 4 failing to connect to gmail

Scott Gifford sgifford at suspectclass.com
Tue Dec 16 07:27:53 CET 2008

Jason Haar <Jason.Haar at trimble.co.nz> writes:

> Scott Gifford wrote:
>> It looks like Google's STARTTLS command requires an EHLO to be sent
>> first, which is a someqhat unusual requirement.  I don't think stunnel
>> does that.  Port 465 will start talking SSL directly, without
>> requiring SMTP commands first.
> I've just checked the source code of stunnel-4.26 and it does send EHLO
> - unfortunately it sends "EHLO localhost"
> I bet Gmail is rejecting that connection as "localhost" isn't a valid
> hostname. I think it should use the current hostname instead - that
> would tend to be more valid, and if not, is fixable by the host owner.

Hrm, interesting, I actually didn't test it with stunnel, just took a
guess as to what the problem was.  :-)  

I tried connecting to smtp.gmail.com:587 and sending "EHLO localhost"
then "STARTTLS" and Google didn't complain.

Actually, it looks like Asif didn't have an option to use the SMTP
protocol to do STARTTLS.  Maybe that's been the problem all along.
Asif, I'm not sure what the option is, but I'm sure you can find it by
poking around.


More information about the stunnel-users mailing list