Re: [stunnel-users] Service [SMTP Outgoing] needs authentication to prevent MITM attacks

2 Sep 2015


      My stunnel.conf looks like this:
# Stunnel configuration file for Office 365 SMTP
    # Eric Poythress
    # GLOBAL OPTIONS
    client = yes
    output = stunnel-log.txt
    debug=7
    taskbar=yes
# SERVICE-LEVEL OPTIONS
    [SMTP Outgoing]
    client = yes
    protocol = smtp
    accept = 25
    connect = smtp.office365.com:587
    verify = 2
    CAfile = ca-certs.pem
    checkHost = smtp.office365.com
A larger sample of my logs looks like this:
2015.09.01 22:15:15 LOG5[1]: s_connect: connected 132.245.70.98:587
    2015.09.01 22:15:15 LOG5[1]: Service [SMTP Outgoing] connected remote server from 192.168.100.41:1565
    2015.09.01 22:15:15 LOG7[1]: Remote socket (FD=468) initialized
    2015.09.01 22:15:15 LOG7[1]:  <- 220 SN1PR15CA0037.outlook.office365.com Microsoft ESMTP MAIL Service ready at Wed, 2 Sep 2015 03:13:50 +0000
    2015.09.01 22:15:15 LOG7[1]:  -> 220 SN1PR15CA0037.outlook.office365.com Microsoft ESMTP MAIL Service ready at Wed, 2 Sep 2015 03:13:50 +0000
    2015.09.01 22:15:15 LOG7[1]:  -> EHLO localhost
    2015.09.01 22:15:15 LOG7[1]:  <- 250-SN1PR15CA0037.outlook.office365.com Hello [70.167.26.246]
    2015.09.01 22:15:15 LOG7[1]:  <- 250-SIZE 157286400
    2015.09.01 22:15:15 LOG7[1]:  <- 250-PIPELINING
    2015.09.01 22:15:15 LOG7[1]:  <- 250-DSN
    2015.09.01 22:15:15 LOG7[1]:  <- 250-ENHANCEDSTATUSCODES
    2015.09.01 22:15:15 LOG7[1]:  <- 250-STARTTLS
    2015.09.01 22:15:15 LOG7[1]:  <- 250-8BITMIME
    2015.09.01 22:15:15 LOG7[1]:  <- 250-BINARYMIME
    2015.09.01 22:15:15 LOG7[1]:  <- 250 CHUNKING
    2015.09.01 22:15:15 LOG7[1]:  -> STARTTLS
    2015.09.01 22:15:16 LOG7[1]:  <- 220 2.0.0 SMTP server ready
    2015.09.01 22:15:16 LOG6[1]: SNI: sending servername: smtp.office365.com
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): before/connect initialization
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 write client hello A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 read server hello A
    2015.09.01 22:15:16 LOG7[1]: Verification started at depth=2: C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
    2015.09.01 22:15:16 LOG7[1]: CERT: Pre-verification succeeded
    2015.09.01 22:15:16 LOG6[1]: Certificate accepted at depth=2: C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
    2015.09.01 22:15:16 LOG7[1]: Verification started at depth=1: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT SSL SHA1
    2015.09.01 22:15:16 LOG7[1]: CERT: Pre-verification succeeded
    2015.09.01 22:15:16 LOG6[1]: Certificate accepted at depth=1: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT SSL SHA1
    2015.09.01 22:15:16 LOG7[1]: Verification started at depth=0: C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=outlook.com
    2015.09.01 22:15:16 LOG7[1]: CERT: Pre-verification succeeded
    2015.09.01 22:15:16 LOG6[1]: CERT: Host name "smtp.office365.com" matched with "*.office365.com"
    2015.09.01 22:15:16 LOG5[1]: Certificate accepted at depth=0: C=US, ST=WA, L=Redmond, O=Microsoft Corporation, OU=Microsoft Corporation, CN=outlook.com
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 read server certificate A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 read server key exchange A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 read server certificate request A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 read server done A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 write client certificate A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 write client key exchange A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 write change cipher spec A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 write finished A
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 flush data
    2015.09.01 22:15:16 LOG7[1]: SSL state (connect): SSLv3 read finished A
    2015.09.01 22:15:16 LOG7[1]:      2 client connect(s) requested
    2015.09.01 22:15:16 LOG7[1]:      2 client connect(s) succeeded
    2015.09.01 22:15:16 LOG7[1]:      0 client renegotiation(s) requested
    2015.09.01 22:15:16 LOG7[1]:      0 session reuse(s)
    2015.09.01 22:15:16 LOG6[1]: SSL connected: new session negotiated
    2015.09.01 22:15:16 LOG7[1]: Deallocating application specific data for addr index
    2015.09.01 22:15:16 LOG6[1]: Negotiated TLSv1.2 ciphersuite ECDHE-RSA-AES256-SHA384 (256-bit encryption)
    2015.09.01 22:15:16 LOG7[1]: Compression: null, expansion: null
    2015.09.01 22:15:21 LOG6[1]: Read socket closed (readsocket)
    2015.09.01 22:15:21 LOG7[1]: Sending close_notify alert
    2015.09.01 22:15:21 LOG7[1]: SSL alert (write): warning: close notify
    2015.09.01 22:15:21 LOG6[1]: SSL_shutdown successfully sent close_notify alert
    2015.09.01 22:15:21 LOG6[1]: SSL socket closed (SSL_read)
    2015.09.01 22:15:21 LOG7[1]: Sent socket write shutdown
    2015.09.01 22:15:21 LOG5[1]: Connection closed: 71 byte(s) sent to SSL, 237 byte(s) sent to socket
    2015.09.01 22:15:21 LOG7[1]: Remote socket (FD=468) closed
    2015.09.01 22:15:21 LOG7[1]: Local socket (FD=440) closed
    2015.09.01 22:15:21 LOG7[1]: Service [SMTP Outgoing] finished (0 left)
-Eric

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [stunnel-users] Service [SMTP Outgoing] needs authentication to prevent MITM attacks