[stunnel-users] Service [SMTP Outgoing] needs authentication to prevent MITM attacks

Michal Trojnara Michal.Trojnara at mirt.net
Tue Sep 1 11:07:34 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 01.09.2015 06:11, Eric Poythress wrote:
> Both are able to see each other just fine but I have the following
> error in the log:
> 
> Service [SMTP Outgoing] needs authentication to prevent MITM
> attacks

It is a warning, and not an error.
See https://www.stunnel.org/auth.html

You probably need something like:

    [SMTP Outgoing]
    client = yes
    accept = 127.0.0.1:<src_port>
    connect = <server_host>:<server_port>
    verify = 2
    CAfile = ca-certs.pem
    checkHost = <server_host>

> Any help or suggests would be greatly appreciated.

Send your stunnel.conf, and a larger sample of your logs.

Preferably, read the following HOWTO:
http://catb.org/~esr/faqs/smart-questions.html
It will make your life a lot easier!

Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJV5WrWAAoJEC78f/DUFuAU+CgP/31pJuvNky6t99qsDwdn5EGo
czTSvPXzn7quwdTZMA9SNQv2G8NvnXv+xxh7xgzEPm4sUq2SehyWKcxxZLHsk5O5
rl3KxE15TMvOw6nqpm3YDwh72788Vu99XKFaFfo0BM6hI++s9WYWjUKfHXn4OEsz
vNf3IqCcCXMeXlgo7xkH4qAmuEyz+Z9UkA6dkaDL5k30oB8m3nhHoGaspBnyBQQ+
ma1fWPwE79JFgE8ecm7wFu0PNu99hCelqL2TARke+VE+qBuzWI41aKcw15rjD+QS
r6xyDi/XFboHiIkWvYDEOCq0C76JnTwrpRigWMvGx8dEQfVO/j9gjyf9seFZe8jv
jHdI7VTQVHMoO4nzCqVpcve3kzrW7I1bQKJLZDPMSUos5BuuHRXKDrlmapO2DDRI
Tp4HzcykchqEfm6Hj4UcnSuQAF/8kQjc1naXFtqENSqfhVTbnkVgjEPyoIh5Nf4c
+NBsnRLYemd+UUXbcC7uBi1qiy1Jbncne4yl5JEjnfkbbl2FhARbGo1sggxvGKQt
ayjLRkyi3luAfWNbmNzKGF3g/u3UPeQAaU9siCVHcyl4n3SNJrMFzlwSxc1iQtry
WUdUBZdNFkmurQlCWBpk81Q+BcBvqYzq/WKdV9FPQqchF57qb0WPfCZDD8PaESbg
TOr07sMmm8kXosdF2KSf
=50AY
-----END PGP SIGNATURE-----


More information about the stunnel-users mailing list