On Fri, Jan 04, 2019 at 03:14:27PM +0100, Klaus Kloeser wrote:
Hi,
I have set up Stunnel as SSL Wrapper for googlemail on a Redhat Enterprise Linux 7.2 installation.
The stunnel.conf:
output = /var/log/stunnel.log cert = /etc/pki/tls/certs/2019stunnel.pem client = yes sslVersion = TLSv1 ;fips=no
[ssmtp] accept = 1925 connect=smtp.googlemail.com:587
If you want stunnel to accept plaintext (unencrypted) connections and to establish an encrypted (SSL/TLS) connection to smtp.googlemail.com, you will either need to change the port from 587 (the "submission" service, a kind of simplified SMTP protocol) to 465 (SMTP over TLS), or, if you really insist on connecting to the submission service and then starting a TLS session, you will need to tell stunnel to start by speaking SMTP and issuing a STARTTLS command by also specifying "protocol = smtp". Either option (changing the connect line to specify port 465 or adding a "protocol = smtp" line) should work, I just tested them on my Debian setup.
Hope that helps!
G'luck, Peter