All:
I have had this setup working fine since Comcast blocked port 25, and it recently stopped working.
This is a MS Small Business Server 2003 with Exchange, I know, old and obsolete but I would like to keep it working until I migrate to Linux.
Anyway, right now I also have my desktop, Win10, using the same SMTP settings for the Acronis backup event results and it can send me emails just fine, just tested this. So it is not my firewall or Comcast. I'm missing something in the settings of stunnel.
Below are my settings and log file. Any suggestions will be appreciated.
Carlos
taskbar = yes

[SSLsmtp]
client = yes
accept = localhost:555
connect = smtp.comcast.net:587
protocol = smtp
CAfile = ca-certs.pem
protocolUsername = verifiedusername
protocolPassword = verifiedpassword
debug = 7
================================================
2019.11.29 16:31:24 LOG5[main]: stunnel 5.49 on x86-pc-msvc-1500 platform
2019.11.29 16:31:24 LOG5[main]: Compiled/running with OpenSSL 1.0.2p-fips 14 Aug 2018
2019.11.29 16:31:24 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
2019.11.29 16:31:24 LOG5[main]: Reading configuration from file stunnel.conf
2019.11.29 16:31:24 LOG5[main]: UTF-8 byte order mark detected
2019.11.29 16:31:24 LOG5[main]: FIPS mode disabled
2019.11.29 16:31:26 LOG4[main]: Service [SSLsmtp] needs authentication to prevent MITM attacks
2019.11.29 16:31:26 LOG5[main]: Configuration successful
2019.11.29 16:34:12 LOG7[0]: Service [SSLsmtp] started
2019.11.29 16:34:12 LOG7[0]: Setting local socket options (FD=264)
2019.11.29 16:34:12 LOG7[0]: Option TCP_NODELAY set on local socket
2019.11.29 16:34:12 LOG5[0]: Service [SSLsmtp] accepted connection from 127.0.0.1:1268
2019.11.29 16:34:12 LOG6[0]: s_connect: connecting 96.114.157.81:587
2019.11.29 16:34:12 LOG7[0]: s_connect: s_poll_wait 96.114.157.81:587: waiting 10 seconds
2019.11.29 16:34:12 LOG5[0]: s_connect: connected 96.114.157.81:587
2019.11.29 16:34:12 LOG5[0]: Service [SSLsmtp] connected remote server from 10.10.10.99:1269
2019.11.29 16:34:12 LOG7[0]: Setting remote socket options (FD=288)
2019.11.29 16:34:12 LOG7[0]: Option TCP_NODELAY set on remote socket
2019.11.29 16:34:12 LOG7[0]: Remote descriptor (FD=288) initialized
2019.11.29 16:34:12 LOG7[0]: <- 220 resomta-po-02v.sys.comcast.net resomta-po-02v.sys.comcast.net ESMTP server ready
2019.11.29 16:34:12 LOG7[0]: -> 220 resomta-po-02v.sys.comcast.net resomta-po-02v.sys.comcast.net ESMTP server ready
2019.11.29 16:34:12 LOG7[0]: -> EHLO localhost
2019.11.29 16:34:12 LOG7[0]: <- 250-resomta-po-02v.sys.comcast.net hello [71.206.38.109], pleased to meet you
2019.11.29 16:34:12 LOG7[0]: <- 250-HELP
2019.11.29 16:34:12 LOG7[0]: <- 250-SIZE 36700160
2019.11.29 16:34:12 LOG7[0]: <- 250-ENHANCEDSTATUSCODES
2019.11.29 16:34:12 LOG7[0]: <- 250-8BITMIME
2019.11.29 16:34:12 LOG7[0]: <- 250-STARTTLS
2019.11.29 16:34:12 LOG7[0]: <- 250 OK
2019.11.29 16:34:12 LOG7[0]: -> STARTTLS
2019.11.29 16:34:12 LOG7[0]: <- 220 2.0.0 Ready to start TLS
2019.11.29 16:34:12 LOG6[0]: SNI: sending servername: smtp.comcast.net
2019.11.29 16:34:12 LOG6[0]: Peer certificate not required
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): before/connect initialization
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv2/v3 write client hello A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server hello A
2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled
2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled
2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled
2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server certificate A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server key exchange A
2019.11.29 16:34:12 LOG6[0]: Client certificate not requested
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server done A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write client key exchange A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write change cipher spec A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write finished A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 flush data
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server session ticket A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read finished A
2019.11.29 16:34:12 LOG7[0]: New session callback
2019.11.29 16:34:12 LOG7[0]: Peer certificate was cached (6814 bytes)
2019.11.29 16:34:12 LOG6[0]: Session id: 11C16B28FFB4A3A4EDC164CA65C3F20A896BF61C4D3B09F571E4285CFD0C82B3
2019.11.29 16:34:12 LOG7[0]: 1 client connect(s) requested
2019.11.29 16:34:12 LOG7[0]: 1 client connect(s) succeeded
2019.11.29 16:34:12 LOG7[0]: 0 client renegotiation(s) requested
2019.11.29 16:34:12 LOG7[0]: 0 session reuse(s)
2019.11.29 16:34:12 LOG6[0]: TLS connected: new session negotiated
2019.11.29 16:34:12 LOG6[0]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption)
2019.11.29 16:34:12 LOG7[0]: Compression: null, expansion: null
2019.11.29 16:34:12 LOG7[0]: -> AUTH PLAIN AGNhcmxvc3JyQGNvbWNhc3QubmV0AFNveTFjYXJpZHVybw==
2019.11.29 16:34:12 LOG7[0]: <- 500 command unrecognized
2019.11.29 16:34:12 LOG3[0]: PLAIN Authentication Failed
2019.11.29 16:34:12 LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
2019.11.29 16:34:12 LOG7[0]: Remote descriptor (FD=288) closed
2019.11.29 16:34:12 LOG7[0]: Local descriptor (FD=264) closed
2019.11.29 16:34:12 LOG7[0]: Service [SSLsmtp] finished (0 left)
Hi Carlos,
Add
ProtocolAuthentication=login
to your configuration and try again.
Regards,
Jose
On Nov 29, 2019, at 5:07 PM, Carlos Rodriguez carlosrafi@gmail.com wrote:
All:
I have had this setup working fine since Comcast blocked port 25, and it recently stopped working.
This is a MS Small Business Server 2003 with Exchange, I know, old and obsolete but I would like to keep it working until I migrate to Linux.
Anyway, right now I also have my desktop, Win10, using the same SMTP settings for the Acronis backup event results and it can send me emails just fine, just tested this. So it is not my firewall or Comcast. I'm missing something in the settings of stunnel.
Below are my settings and log file. Any suggestions will be appreciated.
Carlos
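Added example, not part of the original thread or written by either poster: the posted stunnel.conf with Jose's protocolAuthentication suggestion applied, plus the peer-certificate checks that the log's LOG4 warning and its "Certificate verification disabled" lines point to. The checkHost value, the lower debug level, and ca-certs.pem containing the CA that issued the server's certificate are assumptions.

```ini
; Added example, not from the thread. Based on the posted configuration.
taskbar = yes

[SSLsmtp]
client = yes
accept = localhost:555
connect = smtp.comcast.net:587
protocol = smtp

; Jose's suggestion: negotiate AUTH LOGIN instead of the default
; AUTH PLAIN, which the server answered with "500 command unrecognized".
protocolAuthentication = login
protocolUsername = verifiedusername
protocolPassword = verifiedpassword

; CAfile on its own only loads trust anchors. Without verifyChain the
; log shows "Certificate verification disabled" and any certificate the
; peer presents is accepted, which is what the LOG4 MITM warning is about.
CAfile = ca-certs.pem
verifyChain = yes
; Assumption: the server certificate names the host used in "connect".
checkHost = smtp.comcast.net

; At level 7 the log records the SMTP AUTH exchange, and the argument of
; AUTH PLAIN / AUTH LOGIN is base64-encoded, not encrypted. Level 5
; (notice) is stunnel's default; raise it only while troubleshooting.
debug = 5
```

With verifyChain and checkHost set, a handshake against a certificate that does not chain to CAfile or does not match the host name fails before any AUTH command is sent.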