Hi,
Since our company had to migrate to Orange Office365 platform, we cannot send simple SMTP message using smtp.office365.com
We have to use SMTP over TLS.
While I have to use some applications which cannot use SMTP, I installed and setup STunnel.
When I try to send a simple mail like this : telnet myserver 25 ehlo ch-lepuy.fr mail from: toto@ch-lepuy.fr
I cannot continue with rcpt to syntax and I have the following message : rcpt to:530 5.7.1 Client was not authenticated
In the STunnel log file, I can see that : 2013.08.06 19:20:49 LOG7[1352:2832]: SSL state (connect): before/connect initialization 2013.08.06 19:20:49 LOG7[1352:2832]: SSL state (connect): SSLv3 write client hello A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server hello A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server certificate A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server key exchange A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server certificate request A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read server done A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write client certificate A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write client key exchange A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write certificate verify A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write change cipher spec A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 write finished A 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 flush data 2013.08.06 19:20:50 LOG7[1352:2832]: SSL state (connect): SSLv3 read finished A 2013.08.06 19:20:50 LOG7[1352:2832]: 1 items in the session cache 2013.08.06 19:20:50 LOG7[1352:2832]: 1 client connects (SSL_connect()) 2013.08.06 19:20:50 LOG7[1352:2832]: 1 client connects that finished 2013.08.06 19:20:50 LOG7[1352:2832]: 0 client renegotiations requested 2013.08.06 19:20:50 LOG7[1352:2832]: 0 server connects (SSL_accept()) 2013.08.06 19:20:50 LOG7[1352:2832]: 0 server connects that finished 2013.08.06 19:20:50 LOG7[1352:2832]: 0 server renegotiations requested 2013.08.06 19:20:50 LOG7[1352:2832]: 0 session cache hits 2013.08.06 19:20:50 LOG7[1352:2832]: 0 external session cache hits 2013.08.06 19:20:50 LOG7[1352:2832]: 0 session cache misses 2013.08.06 19:20:50 LOG7[1352:2832]: 0 session cache timeouts 2013.08.06 19:20:50 LOG7[1352:2832]: Peer certificate was cached (6184 bytes) 2013.08.06 19:20:50 LOG6[1352:2832]: SSL connected: new session negotiated 2013.08.06 19:20:50 LOG6[1352:2832]: Negotiated TLSv1/SSLv3 ciphersuite: ECDHE-RSA-AES256-SHA (256-bit encryption) 2013.08.06 19:20:50 LOG6[1352:2832]: Compression: null, expansion: null 2013.08.06 19:21:13 LOG3[1352:2832]: SSL_read: Connection reset by peer (WSAECONNRESET) (10054) 2013.08.06 19:21:13 LOG5[1352:2832]: Connection reset: 65 byte(s) sent to SSL, 231 byte(s) sent to socket 2013.08.06 19:21:13 LOG7[1352:2832]: Remote socket (FD=316) closed 2013.08.06 19:21:13 LOG7[1352:2832]: Local socket (FD=244) closed 2013.08.06 19:21:13 LOG7[1352:2832]: Service [SMTP Outgoing] finished (0 left)
Here is my STunnel setup : client = yes output = stunnel-log.txt debug = 7 taskbar = yes
; Disable FIPS mode to allow non-approved protocols and algorithms ;fips = no
; ************************************************************************** ; * Service defaults may also be specified in individual service sections * ; **************************************************************************
; Certificate/key is needed in server mode and optional in client mode cert = stunnel.pem
; Disable support for insecure SSLv2 protocol options = NO_SSLv2
[SMTP Outgoing] protocol = smtp accept = 25 connect = smtp.office365.com:587
Does anyone have an idea ?
Regards?
Patrice Oliver | Centre Hospitalier Emile Roux Responsable Informatique T. 04 71 04 38 30
12 Bd Andr? Chantemesse - 43012 LE PUY EN VELAY Cedex http://www.ch-lepuy.fr
On 2013-08-06 19:35, OLIVER Patrice wrote:
I cannot continue with rcpt to syntax and I have the following message : rcpt to:530 5.7.1 Client was not authenticated
[cut]
Does anyone have an idea ?
Sure: https://en.wikipedia.org/wiki/SMTP_Authentication
In other words: stunnel worked fine and there is nothing you can do with stunnel to deal with your problem.
Mike
Hi,
I need to understand. You write that my configuration seems to work fine and the problem is out of STunnel. Haw can I sort it ou ?
Patrice Oliver | Centre Hospitalier Emile Roux Responsable Informatique T. 04 71 04 38 30
12 Bd Andr? Chantemesse - 43012 LE PUY EN VELAY Cedex http://www.ch-lepuy.fr
________________________________ De : stunnel-users stunnel-users-bounces@stunnel.org de la part de Michal Trojnara Michal.Trojnara@mirt.net Envoy? : mardi 6 ao?t 2013 19:40 ? : stunnel-users@stunnel.org Objet : Re: [stunnel-users] Unable to make SSL connexion work
On 2013-08-06 19:35, OLIVER Patrice wrote: I cannot continue with rcpt to syntax and I have the following message : rcpt to:530 5.7.1 Client was not authenticated [cut] Does anyone have an idea ?
Sure: https://en.wikipedia.org/wiki/SMTP_Authentication
In other words: stunnel worked fine and there is nothing you can do with stunnel to deal with your problem.
Mike
Hi Patrice,
Yes it is true, this is not a problem of stunnel. The problem is with your smtp dialog negociation.
you will auth to your server like this :
telnet myserver 25 ehlo ch-lepuy.fr auth login ... mail from: toto@ch-lepuy.fr
Read this : http://www.kongtechnology.com/2008/01/27/smtp-authentication-and-send-emails...
Bonne journée !!
Ludovic.
Le 06/08/2013 19:46, OLIVER Patrice a écrit :
Hi,
I need to understand. You write that my configuration seems to work fine and the problem is out of STunnel. Haw can I sort it ou ?
*Patrice Oliver| Centre Hospitalier Emile Roux* *Responsable Informatique* T. 04 71 04 38 30
12 Bd André Chantemesse - 43012 LE PUY EN VELAY Cedex* *http://www.ch-lepuy.fr
*De :* stunnel-users stunnel-users-bounces@stunnel.org de la part de Michal Trojnara Michal.Trojnara@mirt.net *Envoyé :* mardi 6 août 2013 19:40 *À :* stunnel-users@stunnel.org *Objet :* Re: [stunnel-users] Unable to make SSL connexion work On 2013-08-06 19:35, OLIVER Patrice wrote:
I cannot continue with rcpt to syntax and I have the following message : rcpt to:530 5.7.1 Client was not authenticated
[cut]
Does anyone have an idea ?
Sure: https://en.wikipedia.org/wiki/SMTP_Authentication
In other words: stunnel worked fine and there is nothing you can do with stunnel to deal with your problem.
Mike
stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-
Ludovic LEVET -
Michal Trojnara -
OLIVER Patrice