Hi Blake, We've been using Goldmine 6.7 and stunnel for years. At the bottom of my email, I've pasted our stunnel config file. Some thoughts:
1) I'm not a stunnel expert at all. The config file you see below was pulled right from the download and then tweaked slightly to make it work. I received the tweak help from this forum. I could be mistaken because its been a few years, but I believe one of the key tweaks was the addition of the line: sslVersion = TLSv1
2) We looked at one time at using the gmail servers, but their POP servers are non-standard. In Goldmine, this was very relevant to us because we wanted Goldmine to delete and email from the POP server if that email was found to match a contact in Goldmine. The gmail servers refused to do this so we avoided gmail and found a standard POP server provider.
3) We use the same network installation and mapped network drive configuration for Goldmine that you describe. We found that the stunnel installation must be on the local machine.
Regards, Jeff
==================================================== # Configuration File Syntax: # http://www.stunnel.org/faq/stunnel.html#configuration_file
# GLOBAL OPTIONS
client = yes output = C:\Documents and Settings\All Users\Application Data\stunnel-log.txt debug = 5 taskbar = yes sslVersion = TLSv1
# Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1
# SERVICE-LEVEL OPTIONS
[pop3] accept=995 connect=mypop3.com:995
[smtp] accept=465 connect=mail.mysmtp.com:465
On 9/14/2011 2:04 PM, Blake Miller wrote:
We are planning to transition our email service to Google Apps with our Goldmine 6.7 Corporate Edition so need to use Stunnel. We have Goldmine setup and run from a central Server and a shared/networked drive F: Each client machine runs Goldmine, BUT via the server path noted earlier. When logged in locally to the server and running Goldmine locally, everything works great. Stunnel is connected, we're able to send/receive email, etc.
However from a remote machine, it doesn't work. Have tried installing stunnel on the local machine. Have tried accessing the said ports via the Server's IP address from within the network. And have hacked around different config setups without luck.
Being a NOOB with Stunnel, we're at a loss with further configuration without literally 'hacking around' in the dark any further.
Our config file is just below
Thanks in advance. Blake
;
; * Global Options
;
; Debugging stuff (may useful for troubleshooting) debug = 7 output = stunnel.log
;
; * Service Defaults (may also be specified in individual service sections)
;
; Certificate/key is needed in server mode and optional in client mode cert = stunnel.pem ;key = stunnel.pem
; Authentication stuff needs to be configured to prevent MITM attacks ; It is not enabled by default! ;verify = 2 ; Don't forget to c_rehash CApath ;CApath = certs ; It's often easier to use CAfile ;CAfile = certs.pem ; Don't forget to c_rehash CRLpath ;CRLpath = crls ; Alternatively CRLfile can be used ;CRLfile = crls.pem
; Disable support for insecure SSLv2 protocol options = NO_SSLv2 ; Workaround for Eudora bug ;options = DONT_INSERT_EMPTY_FRAGMENTS
; The following options provide additional security at some performance penalty ; Default ECDH/DH parameters are strong/conservative, so it is quite safe to ; comment out these lines in order to get a performance boost options = SINGLE_ECDH_USE options = SINGLE_DH_USE
;
; * Service Definitions (at least one service has to be defined)
;
; Example SSL server mode services
;[pop3s] ;accept = 995 ;connect = 110
;[imaps] ;accept = 993 ;connect = 143
;[ssmtp] ;accept = 465 ;connect = 25
; Example SSL client mode services
[gmail-pop3] client = yes accept = 127.0.0.1:9995 connect = pop.gmail.com:995
[gmail-smtp] client = yes accept = 127.0.0.1:4465 connect = smtp.gmail.com:465
;[gmail-imap] ;client = yes ;accept = 127.0.0.1:143 ;connect = imap.gmail.com:993
; Certificate/key is needed in server mode and optional in client mode cert = stunnel.pem ;key = stunnel.pem
stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users