[stunnel-users] stunnel not working properly on Redhat linux (fresh install)

Peter Pentchev roam at ringlet.net
Fri Jan 4 16:03:10 CET 2019

On Fri, Jan 04, 2019 at 03:14:27PM +0100, Klaus Kloeser wrote:
> Hi,
> I have set up Stunnel as SSL Wrapper for googlemail on a Redhat Enterprise Linux 7.2 installation.
> The stunnel.conf:
> output = /var/log/stunnel.log 
> cert = /etc/pki/tls/certs/2019stunnel.pem 
> client = yes 
> sslVersion = TLSv1 
> ;fips=no 
> [ssmtp] 
> accept = 1925
> connect=smtp.googlemail.com:587

If you want stunnel to accept plaintext (unencrypted) connections and to
establish an encrypted (SSL/TLS) connection to smtp.googlemail.com, you
will either need to change the port from 587 (the "submission" service,
a kind of simplified SMTP protocol) to 465 (SMTP over TLS), or, if you
really insist on connecting to the submission service and then starting
a TLS session, you will need to tell stunnel to start by speaking SMTP
and issuing a STARTTLS command by also specifying "protocol = smtp".
Either option (changing the connect line to specify port 465 or adding
a "protocol = smtp" line) should work, I just tested them on my Debian

Hope that helps!


Peter Pentchev  roam@{ringlet.net,debian.org,FreeBSD.org} pp at storpool.com
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20190104/39705161/attachment.sig>

More information about the stunnel-users mailing list