Assume I want to connect from my local email client to two (!) remote email servers.
The corresponding instructions in the .conf file look like (my guess):
[smtps-firstacct]
accept = 127.0.0.1:259
connect = smtps.myisp1.com:465
[smtps-secondacct]
accept = 127.0.0.1:259
connect = smtps.myisp2.com:465
Questions:
1.) A configuration like the one above, with the same "accept" port 259, is NOT possible because stunnel does not know to which remote email server it has to connect. To distinguish two different remote email servers I always have to select TWO different accept-ports like
[smtps-firstacct]
accept = 127.0.0.1:259
connect = smtps.myisp1.com:465
[smtps-secondacct]
accept = 127.0.0.1:258
connect = smtps.myisp2.com:465
Correct?
2.) Can I use arbitrary accept-ports like 1242 or 23199, or is there a port range from which I have to select one?
3.) Moreover, assume I want to make the SSL connection transparent: can I select an accept-port 25?
4.) I read somewhere that I always have to specify in the email client for POP3/SMTP an address
127.0.0.1:9999
and NOT
127.0.0.1:259
in order to connect to the local stunnel service, because the local stunnel service is always listening on port 9999.
Is this correct?
Thank you
Ben
Ben,
See replies below.
On 9/24/2013 6:32 AM, Ben Stover wrote:
> Assume I want to connect from my local email client to two (!) remote email servers.
> The corresponding instructions in the .conf file look like (my guess):
> [smtps-firstacct]
> accept = 127.0.0.1:259
> connect = smtps.myisp1.com:465
> [smtps-secondacct]
> accept = 127.0.0.1:259
> connect = smtps.myisp2.com:465
> Questions:
> 1.) A configuration like the one above, with the same "accept" port 259, is NOT possible because stunnel does not know to which remote email server it has to connect. To distinguish two different remote email servers I always have to select TWO different accept-ports like
> [smtps-firstacct]
> accept = 127.0.0.1:259
> connect = smtps.myisp1.com:465
> [smtps-secondacct]
> accept = 127.0.0.1:258
> connect = smtps.myisp2.com:465
> Correct?
Yes, you want to use different ports in the two service sections.
> 2.) Can I use arbitrary accept-ports like 1242 or 23199, or is there a port range from which I have to select one?
You should be able to use any port you wish provided it doesn't produce a conflict on your system.
> 3.) Moreover, assume I want to make the SSL connection transparent: can I select an accept-port 25?
What do you mean by "transparent"? Selecting port 25 in and of itself isn't important, although it may be convenient in some circumstances since SMTP in some clients is provisioned for port 25 by default. If you wish to use port 25, there is nothing to prevent you from doing so.
> 4.) I read somewhere that I always have to specify in the email client for POP3/SMTP an address
> 127.0.0.1:9999
> and NOT
> 127.0.0.1:259
> in order to connect to the local stunnel service, because the local stunnel service is always listening on port 9999.
> Is this correct?
No. Stunnel will listen wherever you tell it to listen. There is nothing magic about port 9999.
> Thank you
> Ben
On 9/24/2013 6:32 AM, Ben Stover wrote:
> 3.) Moreover, assume I want to make the SSL connection transparent: can I select an accept-port 25?
If by "transparent" you mean will Stunnel just pass the traffic to the remote server without encryption if you accept locally on port 25, then no, that's not the way it works. Stunnel will attempt to negotiate an SSL connection with the remote server regardless of which port you connect to locally.
Regards,
Thomas
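
The port-conflict rule discussed in this thread can be checked before stunnel is started. The following is an added example, not code from the thread or from the stunnel project: a small Python linter that reads the service sections and reports accept endpoints that collide. It goes slightly beyond the thread by also flagging ports below 1024 and listeners not bound to loopback. The function names, the sample text and the `client = yes` lines are assumptions of this example.

```python
import re

# Constructed sample (same-port layout from the thread; "client = yes" is assumed).
SAMPLE_CONF = """\
[smtps-firstacct]
client = yes
accept = 127.0.0.1:259
connect = smtps.myisp1.com:465

[smtps-secondacct]
client = yes
accept = 127.0.0.1:259
connect = smtps.myisp2.com:465
"""

def parse_services(text):
    """Return {section: {option: value}} for every [service] section."""
    services, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":      # blank line or comment
            continue
        section = re.fullmatch(r"\[(.+)\]", line)
        if section:
            current = services.setdefault(section.group(1), {})
        elif current is not None and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            current[key.lower()] = value
    return services

def check_accept_ports(text):
    """Return (service, problem) findings for the accept endpoints."""
    findings, seen = [], []
    for name, opts in parse_services(text).items():
        host, _, port = opts.get("accept", "").rpartition(":")
        if not port.isdigit():               # no accept line, or a named port
            continue
        host = host or "*"                   # no host given: all local addresses
        for other_host, other_port, other in seen:
            if port == other_port and (host == other_host or "*" in (host, other_host)):
                findings.append((name, f"accept port {port} already taken by [{other}]"))
        if int(port) < 1024:
            findings.append((name, f"port {port} is below 1024 (privileged on Unix-like systems)"))
        if host not in ("127.0.0.1", "localhost", "::1"):
            findings.append((name, f"accept on {host} exposes the plaintext side beyond loopback"))
        seen.append((host, port, name))
    return findings

if __name__ == "__main__":
    print(*check_accept_ports(SAMPLE_CONF), sep="\n")
```
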