I'm having trouble getting Exchange and stunnel to work in one direction. The Exchange server is 2008 - the SMTP connector is set for TLS on port 465.
I would appreciate any and all suggestions.
My conf file (trimmed out all the comments):

debug = 7
output = C:\Temp\TESTER\stunnel.log
fips = no
options = NO_SSLv2
cert = C:\Temp\TESTER\mycert.pem
RNDfile = C:\Temp\TESTER\stunnel.rnd
taskbar = no

[ssmtp-out]
client = yes
protocol = smtp
sslVersion = all
options = NO_SSLv3
accept = 127.0.0.1:46
connect = 10.50.228.15:465

[ssmtp-in]
client = no
protocol = smtp
delay = yes
accept = 465
connect = 127.0.0.1:45
My app -> ssmtp-out -> Exchange works.

Here is the .log showing one incoming connection from the Exchange server:
2012.04.28 00:52:46 LOG7[49272:60328]: No limit detected for the number of clients
2012.04.28 00:52:46 LOG5[49272:60328]: stunnel 4.53 on x86-pc-mingw32-gnu platform
2012.04.28 00:52:46 LOG5[49272:60328]: Compiled/running with OpenSSL 0.9.8s-fips 4 Jan 2012
2012.04.28 00:52:46 LOG5[49272:60328]: Threading:WIN32 SSL:+ENGINE+OCSP+FIPS Auth:none Sockets:SELECT+IPv6
2012.04.28 00:52:46 LOG5[49272:60328]: Reading configuration from file C:\Temp\TESTER\stunnel.conf
2012.04.28 00:52:46 LOG5[49272:60328]: FIPS mode is disabled
2012.04.28 00:52:46 LOG7[49272:60328]: Compression not enabled
2012.04.28 00:52:46 LOG7[49272:60328]: Snagged 64 random bytes from C:\Temp\TESTER\stunnel.rnd
2012.04.28 00:52:46 LOG7[49272:60328]: Wrote 1024 new random bytes to C:\Temp\TESTER\stunnel.rnd
2012.04.28 00:52:46 LOG7[49272:60328]: PRNG seeded successfully
2012.04.28 00:52:46 LOG6[49272:60328]: Initializing service section [ssmtp-out]
2012.04.28 00:52:46 LOG7[49272:60328]: Certificate: C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Certificate loaded
2012.04.28 00:52:46 LOG7[49272:60328]: Key file: C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Private key loaded
2012.04.28 00:52:46 LOG7[49272:60328]: SSL options set: 0x03000004
2012.04.28 00:52:46 LOG6[49272:60328]: Initializing service section [ssmtp-in]
2012.04.28 00:52:46 LOG7[49272:60328]: Certificate: C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Certificate loaded
2012.04.28 00:52:46 LOG7[49272:60328]: Key file: C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Private key loaded
2012.04.28 00:52:46 LOG7[49272:60328]: Could not load DH parameters from C:\Temp\TESTER\mycert.pem
2012.04.28 00:52:46 LOG7[49272:60328]: Using hardcoded DH parameters
2012.04.28 00:52:46 LOG7[49272:60328]: DH initialized with 2048-bit key
2012.04.28 00:52:46 LOG7[49272:60328]: ECDH initialized with curve prime256v1
2012.04.28 00:52:46 LOG7[49272:60328]: SSL options set: 0x01000004
2012.04.28 00:52:46 LOG5[49272:60328]: Configuration successful
2012.04.28 00:52:46 LOG7[49272:60328]: Service [ssmtp-out] (FD=1772) bound to 127.0.0.1:46
2012.04.28 00:52:46 LOG7[49272:60328]: Service [ssmtp-in] (FD=1728) bound to 0.0.0.0:465
2012.04.28 00:53:35 LOG7[49272:60328]: Service [ssmtp-in] accepted (FD=1732) from 10.50.228.15:19251
2012.04.28 00:53:35 LOG7[49272:60328]: Creating a new thread
2012.04.28 00:53:35 LOG7[49272:60328]: New thread created
2012.04.28 00:53:35 LOG7[49272:67820]: Service [ssmtp-in] started
2012.04.28 00:53:35 LOG5[49272:67820]: Service [ssmtp-in] accepted connection from 10.50.228.15:19251
2012.04.28 00:53:35 LOG6[49272:67820]: connect_blocking: connecting 127.0.0.1:45
2012.04.28 00:53:35 LOG7[49272:67820]: connect_blocking: s_poll_wait 127.0.0.1:45: waiting 10 seconds
2012.04.28 00:53:35 LOG5[49272:67820]: connect_blocking: connected 127.0.0.1:45
2012.04.28 00:53:35 LOG5[49272:67820]: Service [ssmtp-in] connected remote server from 127.0.0.1:28047
2012.04.28 00:53:35 LOG7[49272:67820]: Remote socket (FD=1696) initialized
2012.04.28 00:53:35 LOG6[49272:67820]: Server-mode smtp protocol negotiations started
2012.04.28 00:53:35 LOG7[49272:67820]: RFC 2487 detected
2012.04.28 00:53:52 LOG7[49272:67820]: <- 220-<CGMSAlpha> Private ESMTP Server (SMTPTester-1.0 Build 12 [Alpha]) ready
2012.04.28 00:53:52 LOG7[49272:67820]: -> 220-<CGMSAlpha> Private ESMTP Server (SMTPTester-1.0 Build 12 [Alpha]) ready + stunnel
2012.04.28 00:58:52 LOG6[49272:67820]: fd_getline: s_poll_wait: TIMEOUTbusy exceeded: sending reset
2012.04.28 00:58:52 LOG5[49272:67820]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2012.04.28 00:58:52 LOG7[49272:67820]: Remote socket (FD=1696) closed
2012.04.28 00:58:52 LOG7[49272:67820]: Local socket (FD=1732) closed
2012.04.28 00:58:52 LOG7[49272:67820]: Service [ssmtp-in] finished (0 left)
2012.04.28 00:58:52 LOG7[49272:67820]: str_stats: 1 block(s), 82 data byte(s), 42 control byte(s)