I have a Solaris 2.6 box and am trying to get pop3 over SSL running. I use:
qpopper 4.0.5 openssl-0.9.7g stunnel 4.10 compiled with gcc 2.95.3
When I compiled stunnel it made a private ket and certificate in /usr/local/etc/stunnel/stunnel.pem.
Do I need anything else?
I have the following configuration:
Inetd.conf:
pop3 stream tcp nowait root /usr/local/sbin/popper qpopper -S -t /poplog
stunnel.conf:
cert = /usr/local/etc/stunnel/stunnel.pem key = /usr/local/etc/stunnel/stunnel.pem debug = 7 output = /stunnel.log pid = /stunnel.pid client = yes
[pop3s] accept = 995 connect = 110
I run stunnel and get the following output:
2005.07.06 11:34:17 LOG5[17873:1]: stunnel 4.10 on sparc-sun-solaris2.6 UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7g 11 Apr 2005 2005.07.06 11:34:18 LOG7[17873:1]: Snagged 64 random bytes from //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: Wrote 1024 new random bytes to //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: RAND_status claims sufficient entropy for the PRNG 2005.07.06 11:34:18 LOG6[17873:1]: PRNG seeded successfully 2005.07.06 11:34:18 LOG7[17873:1]: Certificate: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG7[17873:1]: Key file: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG6[17873:1]: file ulimit = 64 (can be changed with 'ulimit -n') 2005.07.06 11:34:18 LOG6[17873:1]: poll() used - no FD_SETSIZE limit for file descriptors 2005.07.06 11:34:18 LOG5[17873:1]: 29 clients allowed 2005.07.06 11:34:18 LOG7[17873:1]: FD 4 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 5 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 6 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: SO_REUSEADDR option set on accept socket 2005.07.06 11:34:18 LOG7[17873:1]: pop3s bound to 0.0.0.0:995 2005.07.06 11:34:18 LOG7[17874:1]: Created pid file /stunnel.pid 2005.07.06 11:34:18 LOG7[17874:0]: Waiting -1 second(s) for 2 file descriptor(s)
I connect via pop3 in thunderbird with ssl and qpopper always says: (null) at localhost (127.0.0.1): -ERR Unknown command: "". (nulI/O error flushing output to client at localhost [127.0.0.1]: Broken pipe (32)l) at localhost (127.0.0.1): -ERR POP EOF or I/O Error
Stunnel says:
2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->(IN) 2005.07.06 11:37:13 LOG7[17884:1]: pop3s accepted FD=0 from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:1]: Creating a new context 2005.07.06 11:37:13 LOG7[17884:1]: Context 2 created 2005.07.06 11:37:13 LOG7[17884:2]: pop3s started 2005.07.06 11:37:13 LOG7[17884:2]: FD 0 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on local socket 2005.07.06 11:37:13 LOG5[17884:2]: pop3s connected from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:2]: FD 1 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: pop3s connecting 127.0.0.1:110 2005.07.06 11:37:13 LOG7[17884:2]: Remote FD=1 initialized 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on remote socket 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): before/connect initialization 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): SSLv3 write client hello A 2005.07.06 11:37:13 LOG7[17884:0]: Waiting 300 second(s) for 3 file descriptor(s) 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 2, FD=1, (IN)->(IN)
The mail never gets delivered to either Thunderbird or outlook express. I get a certificate approval request from Thunderbird to which I grant, then nothing. If I disable ssl in thunderbird the mail gets accepted normally.
What might I be doing wrong???
Thanks
Doug P
If I set "client = no" in stunnels config file I get the following from:
openssl s_client -connect 172.20.12.59:995
CONNECTED(00000003) depth=0 /C=US/ST=Nevada/L=Las Vegas/O=Bechtel/OU=RSL/CN=test1 verify error:num=18:self signed certificate verify return:1 depth=0 /C=US/ST=Nevada/L=Las Vegas/O=Bechtel/OU=RSL/CN=test1 verify return:1 30463:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226:
Is a "self signed" Cert OK? I didn't sign anything though. Compiling stunnel created a cert. Installing openssl I think created a cert. Do these need to match somehow? If so how do you do that? I think I'm lost here...
Regards
Doug P
Douglas Phillipson wrote:
I have a Solaris 2.6 box and am trying to get pop3 over SSL running. I use:
qpopper 4.0.5 openssl-0.9.7g stunnel 4.10 compiled with gcc 2.95.3
When I compiled stunnel it made a private ket and certificate in /usr/local/etc/stunnel/stunnel.pem.
Do I need anything else?
I have the following configuration:
Inetd.conf:
pop3 stream tcp nowait root /usr/local/sbin/popper qpopper -S -t /poplog
stunnel.conf:
cert = /usr/local/etc/stunnel/stunnel.pem key = /usr/local/etc/stunnel/stunnel.pem debug = 7 output = /stunnel.log pid = /stunnel.pid client = yes
[pop3s] accept = 995 connect = 110
I run stunnel and get the following output:
2005.07.06 11:34:17 LOG5[17873:1]: stunnel 4.10 on sparc-sun-solaris2.6 UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7g 11 Apr 2005 2005.07.06 11:34:18 LOG7[17873:1]: Snagged 64 random bytes from //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: Wrote 1024 new random bytes to //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: RAND_status claims sufficient entropy for the PRNG 2005.07.06 11:34:18 LOG6[17873:1]: PRNG seeded successfully 2005.07.06 11:34:18 LOG7[17873:1]: Certificate: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG7[17873:1]: Key file: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG6[17873:1]: file ulimit = 64 (can be changed with 'ulimit -n') 2005.07.06 11:34:18 LOG6[17873:1]: poll() used - no FD_SETSIZE limit for file descriptors 2005.07.06 11:34:18 LOG5[17873:1]: 29 clients allowed 2005.07.06 11:34:18 LOG7[17873:1]: FD 4 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 5 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 6 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: SO_REUSEADDR option set on accept socket 2005.07.06 11:34:18 LOG7[17873:1]: pop3s bound to 0.0.0.0:995 2005.07.06 11:34:18 LOG7[17874:1]: Created pid file /stunnel.pid 2005.07.06 11:34:18 LOG7[17874:0]: Waiting -1 second(s) for 2 file descriptor(s)
I connect via pop3 in thunderbird with ssl and qpopper always says: (null) at localhost (127.0.0.1): -ERR Unknown command: "". (nulI/O error flushing output to client at localhost [127.0.0.1]: Broken pipe (32)l) at localhost (127.0.0.1): -ERR POP EOF or I/O Error
Stunnel says:
2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->(IN) 2005.07.06 11:37:13 LOG7[17884:1]: pop3s accepted FD=0 from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:1]: Creating a new context 2005.07.06 11:37:13 LOG7[17884:1]: Context 2 created 2005.07.06 11:37:13 LOG7[17884:2]: pop3s started 2005.07.06 11:37:13 LOG7[17884:2]: FD 0 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on local socket 2005.07.06 11:37:13 LOG5[17884:2]: pop3s connected from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:2]: FD 1 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: pop3s connecting 127.0.0.1:110 2005.07.06 11:37:13 LOG7[17884:2]: Remote FD=1 initialized 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on remote socket 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): before/connect initialization 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): SSLv3 write client hello A 2005.07.06 11:37:13 LOG7[17884:0]: Waiting 300 second(s) for 3 file descriptor(s) 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 2, FD=1, (IN)->(IN)
The mail never gets delivered to either Thunderbird or outlook express. I get a certificate approval request from Thunderbird to which I grant, then nothing. If I disable ssl in thunderbird the mail gets accepted normally.
What might I be doing wrong???
Thanks
Doug P _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
I'm not sure it it applies but if I do:
openssl s_client -connect 172.20.12.59:995
I get the following error:
CONNECTED(00000003) 17964:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226:
Doug P
Douglas Phillipson wrote:
I have a Solaris 2.6 box and am trying to get pop3 over SSL running. I use:
qpopper 4.0.5 openssl-0.9.7g stunnel 4.10 compiled with gcc 2.95.3
When I compiled stunnel it made a private ket and certificate in /usr/local/etc/stunnel/stunnel.pem.
Do I need anything else?
I have the following configuration:
Inetd.conf:
pop3 stream tcp nowait root /usr/local/sbin/popper qpopper -S -t /poplog
stunnel.conf:
cert = /usr/local/etc/stunnel/stunnel.pem key = /usr/local/etc/stunnel/stunnel.pem debug = 7 output = /stunnel.log pid = /stunnel.pid client = yes
[pop3s] accept = 995 connect = 110
I run stunnel and get the following output:
2005.07.06 11:34:17 LOG5[17873:1]: stunnel 4.10 on sparc-sun-solaris2.6 UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7g 11 Apr 2005 2005.07.06 11:34:18 LOG7[17873:1]: Snagged 64 random bytes from //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: Wrote 1024 new random bytes to //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: RAND_status claims sufficient entropy for the PRNG 2005.07.06 11:34:18 LOG6[17873:1]: PRNG seeded successfully 2005.07.06 11:34:18 LOG7[17873:1]: Certificate: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG7[17873:1]: Key file: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG6[17873:1]: file ulimit = 64 (can be changed with 'ulimit -n') 2005.07.06 11:34:18 LOG6[17873:1]: poll() used - no FD_SETSIZE limit for file descriptors 2005.07.06 11:34:18 LOG5[17873:1]: 29 clients allowed 2005.07.06 11:34:18 LOG7[17873:1]: FD 4 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 5 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 6 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: SO_REUSEADDR option set on accept socket 2005.07.06 11:34:18 LOG7[17873:1]: pop3s bound to 0.0.0.0:995 2005.07.06 11:34:18 LOG7[17874:1]: Created pid file /stunnel.pid 2005.07.06 11:34:18 LOG7[17874:0]: Waiting -1 second(s) for 2 file descriptor(s)
I connect via pop3 in thunderbird with ssl and qpopper always says: (null) at localhost (127.0.0.1): -ERR Unknown command: "". (nulI/O error flushing output to client at localhost [127.0.0.1]: Broken pipe (32)l) at localhost (127.0.0.1): -ERR POP EOF or I/O Error
Stunnel says:
2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->(IN) 2005.07.06 11:37:13 LOG7[17884:1]: pop3s accepted FD=0 from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:1]: Creating a new context 2005.07.06 11:37:13 LOG7[17884:1]: Context 2 created 2005.07.06 11:37:13 LOG7[17884:2]: pop3s started 2005.07.06 11:37:13 LOG7[17884:2]: FD 0 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on local socket 2005.07.06 11:37:13 LOG5[17884:2]: pop3s connected from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:2]: FD 1 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: pop3s connecting 127.0.0.1:110 2005.07.06 11:37:13 LOG7[17884:2]: Remote FD=1 initialized 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on remote socket 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): before/connect initialization 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): SSLv3 write client hello A 2005.07.06 11:37:13 LOG7[17884:0]: Waiting 300 second(s) for 3 file descriptor(s) 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 2, FD=1, (IN)->(IN)
The mail never gets delivered to either Thunderbird or outlook express. I get a certificate approval request from Thunderbird to which I grant, then nothing. If I disable ssl in thunderbird the mail gets accepted normally.
What might I be doing wrong???
Thanks
Doug P _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
Should I have "protocol = pop3" in my config file?
When I do, I get this from the stunnel log:
2005.07.06 12:46:54 LOG7[18045:0]: CONTEXT 1, FD=6, (IN)->() 2005.07.06 12:46:54 LOG7[18045:0]: CONTEXT 2, FD=0, (IN)->(IN) 2005.07.06 12:46:54 LOG7[18045:0]: Waiting 300 second(s) for 3 file descriptor(s) 2005.07.06 12:46:54 LOG7[18045:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 12:46:54 LOG7[18045:0]: CONTEXT 1, FD=6, (IN)->() 2005.07.06 12:46:54 LOG7[18045:0]: CONTEXT 2, FD=0, (IN)->(IN) 2005.07.06 12:46:54 LOG7[18045:2]: <- .g.. 2005.07.06 12:46:54 LOG3[18045:2]: Client does not want TLS 2005.07.06 12:46:54 LOG5[18045:2]: Protocol negotiation failed 2005.07.06 12:46:54 LOG3[18045:2]: Protocol negotiations failed 2005.07.06 12:46:54 LOG7[18045:2]: pop3s finished (0 left) 2005.07.06 12:46:54 LOG7[18045:2]: Context 2 closed 2005.07.06 12:46:54 LOG7[18045:0]: Waiting -1 second(s) for 2 file descriptor(s)
Doug P
Douglas Phillipson wrote:
I'm not sure it it applies but if I do:
openssl s_client -connect 172.20.12.59:995
I get the following error:
CONNECTED(00000003) 17964:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226:
Doug P
Douglas Phillipson wrote:
I have a Solaris 2.6 box and am trying to get pop3 over SSL running. I use:
qpopper 4.0.5 openssl-0.9.7g stunnel 4.10 compiled with gcc 2.95.3
When I compiled stunnel it made a private ket and certificate in /usr/local/etc/stunnel/stunnel.pem.
Do I need anything else?
I have the following configuration:
Inetd.conf:
pop3 stream tcp nowait root /usr/local/sbin/popper qpopper -S -t /poplog
stunnel.conf:
cert = /usr/local/etc/stunnel/stunnel.pem key = /usr/local/etc/stunnel/stunnel.pem debug = 7 output = /stunnel.log pid = /stunnel.pid client = yes
[pop3s] accept = 995 connect = 110
I run stunnel and get the following output:
2005.07.06 11:34:17 LOG5[17873:1]: stunnel 4.10 on sparc-sun-solaris2.6 UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7g 11 Apr 2005 2005.07.06 11:34:18 LOG7[17873:1]: Snagged 64 random bytes from //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: Wrote 1024 new random bytes to //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: RAND_status claims sufficient entropy for the PRNG 2005.07.06 11:34:18 LOG6[17873:1]: PRNG seeded successfully 2005.07.06 11:34:18 LOG7[17873:1]: Certificate: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG7[17873:1]: Key file: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG6[17873:1]: file ulimit = 64 (can be changed with 'ulimit -n') 2005.07.06 11:34:18 LOG6[17873:1]: poll() used - no FD_SETSIZE limit for file descriptors 2005.07.06 11:34:18 LOG5[17873:1]: 29 clients allowed 2005.07.06 11:34:18 LOG7[17873:1]: FD 4 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 5 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 6 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: SO_REUSEADDR option set on accept socket 2005.07.06 11:34:18 LOG7[17873:1]: pop3s bound to 0.0.0.0:995 2005.07.06 11:34:18 LOG7[17874:1]: Created pid file /stunnel.pid 2005.07.06 11:34:18 LOG7[17874:0]: Waiting -1 second(s) for 2 file descriptor(s)
I connect via pop3 in thunderbird with ssl and qpopper always says: (null) at localhost (127.0.0.1): -ERR Unknown command: "". (nulI/O error flushing output to client at localhost [127.0.0.1]: Broken pipe (32)l) at localhost (127.0.0.1): -ERR POP EOF or I/O Error
Stunnel says:
2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->(IN) 2005.07.06 11:37:13 LOG7[17884:1]: pop3s accepted FD=0 from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:1]: Creating a new context 2005.07.06 11:37:13 LOG7[17884:1]: Context 2 created 2005.07.06 11:37:13 LOG7[17884:2]: pop3s started 2005.07.06 11:37:13 LOG7[17884:2]: FD 0 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on local socket 2005.07.06 11:37:13 LOG5[17884:2]: pop3s connected from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:2]: FD 1 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: pop3s connecting 127.0.0.1:110 2005.07.06 11:37:13 LOG7[17884:2]: Remote FD=1 initialized 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on remote socket 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): before/connect initialization 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): SSLv3 write client hello A 2005.07.06 11:37:13 LOG7[17884:0]: Waiting 300 second(s) for 3 file descriptor(s) 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 2, FD=1, (IN)->(IN)
The mail never gets delivered to either Thunderbird or outlook express. I get a certificate approval request from Thunderbird to which I grant, then nothing. If I disable ssl in thunderbird the mail gets accepted normally.
What might I be doing wrong???
Thanks
Doug P _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
Should client = yes or no in my case? Perhaps I don't understand what "client" referrs to...
Doug P
Douglas Phillipson wrote:
I have a Solaris 2.6 box and am trying to get pop3 over SSL running. I use:
qpopper 4.0.5 openssl-0.9.7g stunnel 4.10 compiled with gcc 2.95.3
When I compiled stunnel it made a private ket and certificate in /usr/local/etc/stunnel/stunnel.pem.
Do I need anything else?
I have the following configuration:
Inetd.conf:
pop3 stream tcp nowait root /usr/local/sbin/popper qpopper -S -t /poplog
stunnel.conf:
cert = /usr/local/etc/stunnel/stunnel.pem key = /usr/local/etc/stunnel/stunnel.pem debug = 7 output = /stunnel.log pid = /stunnel.pid client = yes
[pop3s] accept = 995 connect = 110
I run stunnel and get the following output:
2005.07.06 11:34:17 LOG5[17873:1]: stunnel 4.10 on sparc-sun-solaris2.6 UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7g 11 Apr 2005 2005.07.06 11:34:18 LOG7[17873:1]: Snagged 64 random bytes from //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: Wrote 1024 new random bytes to //.rnd 2005.07.06 11:34:18 LOG7[17873:1]: RAND_status claims sufficient entropy for the PRNG 2005.07.06 11:34:18 LOG6[17873:1]: PRNG seeded successfully 2005.07.06 11:34:18 LOG7[17873:1]: Certificate: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG7[17873:1]: Key file: /usr/local/etc/stunnel/stunnel.pem 2005.07.06 11:34:18 LOG6[17873:1]: file ulimit = 64 (can be changed with 'ulimit -n') 2005.07.06 11:34:18 LOG6[17873:1]: poll() used - no FD_SETSIZE limit for file descriptors 2005.07.06 11:34:18 LOG5[17873:1]: 29 clients allowed 2005.07.06 11:34:18 LOG7[17873:1]: FD 4 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 5 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: FD 6 in non-blocking mode 2005.07.06 11:34:18 LOG7[17873:1]: SO_REUSEADDR option set on accept socket 2005.07.06 11:34:18 LOG7[17873:1]: pop3s bound to 0.0.0.0:995 2005.07.06 11:34:18 LOG7[17874:1]: Created pid file /stunnel.pid 2005.07.06 11:34:18 LOG7[17874:0]: Waiting -1 second(s) for 2 file descriptor(s)
I connect via pop3 in thunderbird with ssl and qpopper always says: (null) at localhost (127.0.0.1): -ERR Unknown command: "". (nulI/O error flushing output to client at localhost [127.0.0.1]: Broken pipe (32)l) at localhost (127.0.0.1): -ERR POP EOF or I/O Error
Stunnel says:
2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->(IN) 2005.07.06 11:37:13 LOG7[17884:1]: pop3s accepted FD=0 from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:1]: Creating a new context 2005.07.06 11:37:13 LOG7[17884:1]: Context 2 created 2005.07.06 11:37:13 LOG7[17884:2]: pop3s started 2005.07.06 11:37:13 LOG7[17884:2]: FD 0 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on local socket 2005.07.06 11:37:13 LOG5[17884:2]: pop3s connected from 172.20.10.7:45464 2005.07.06 11:37:13 LOG7[17884:2]: FD 1 in non-blocking mode 2005.07.06 11:37:13 LOG7[17884:2]: pop3s connecting 127.0.0.1:110 2005.07.06 11:37:13 LOG7[17884:2]: Remote FD=1 initialized 2005.07.06 11:37:13 LOG7[17884:2]: TCP_NODELAY option set on remote socket 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): before/connect initialization 2005.07.06 11:37:13 LOG7[17884:2]: SSL state (connect): SSLv3 write client hello A 2005.07.06 11:37:13 LOG7[17884:0]: Waiting 300 second(s) for 3 file descriptor(s) 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=4, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 1, FD=6, (IN)->() 2005.07.06 11:37:13 LOG7[17884:0]: CONTEXT 2, FD=1, (IN)->(IN)
The mail never gets delivered to either Thunderbird or outlook express. I get a certificate approval request from Thunderbird to which I grant, then nothing. If I disable ssl in thunderbird the mail gets accepted normally.
What might I be doing wrong???
Thanks
Doug P _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
-
Douglas Phillipson