Can anyone tell me why It tries ::1:25 first and fails before connecting to 127.0.0.1:25?
2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] accepted connection from ::ffff:192.168.1.76:49170 2019.05.17 13:48:34 LOG3[21]: s_connect: connect ::1:25: Connection refused (61) 2019.05.17 13:48:34 LOG5[21]: s_connect: connected 127.0.0.1:25 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] connected remote server from 127.0.0.1:56701
/usr/local/etc/stunnel/stunnel.conf has:
[ssmtp465] client = no accept = 465 connect = 25 options = NO_SSLv2 #transparent = source
[ssmtp587] client = no accept = 587 connect = 127.0.0.1:25 options = NO_SSLv2 #transparent = source
Not sure if this is relevant, but when I startup I get:
2019.05.17 12:45:27 LOG5[ui]: stunnel 5.53 on x86_64-apple-darwin18.5.0 platform 2019.05.17 12:45:27 LOG5[ui]: Compiled/running with OpenSSL 1.0.2r 26 Feb 2019 2019.05.17 12:45:27 LOG5[ui]: Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI 2019.05.17 12:45:27 LOG5[ui]: Reading configuration from file /usr/local/etc/stunnel/stunnel.conf 2019.05.17 12:45:27 LOG5[ui]: UTF-8 byte order mark detected 2019.05.17 12:45:27 LOG5[ui]: FIPS mode disabled 2019.05.17 12:45:27 LOG4[ui]: Insecure file permissions on /usr/local/etc/dovecot/mail.bordo.com.au.pem 2019.05.17 12:45:27 LOG4[ui]: Insecure file permissions on /usr/local/etc/dovecot/mail.bordo.com.au.pem 2019.05.17 12:45:27 LOG5[ui]: Configuration successful 2019.05.17 12:45:27 LOG5[ui]: Binding service [ssmtp465] to 0.0.0.0:465: Address already in use (48) 2019.05.17 12:45:27 LOG5[ui]: Binding service [ssmtp587] to 0.0.0.0:587: Address already in use (48)
No idea what is already using those ports.
Any suggestions?
macOS 10.14.4
Thanks, James.
On Fri, May 17, 2019 at 01:54:47PM +1000, James Brown wrote:
Can anyone tell me why It tries ::1:25 first and fails before connecting to 127.0.0.1:25?
2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] accepted connection from ::ffff:192.168.1.76:49170 2019.05.17 13:48:34 LOG3[21]: s_connect: connect ::1:25: Connection refused (61) 2019.05.17 13:48:34 LOG5[21]: s_connect: connected 127.0.0.1:25 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] connected remote server from 127.0.0.1:56701
/usr/local/etc/stunnel/stunnel.conf has:
[ssmtp465] client = no accept = 465 connect = 25 options = NO_SSLv2 #transparent = source
You have specified only a port number, not an address; thus, stunnel assumes the local host address. You have not explicitly told it to only use IPv4 addresses, so it tries the IPv6 local host address (::1) first; when that fails, it falls back to the IPv4 local host address (127.0.0.1).
If you change the line to "connect = 127.0.0.1:25" like for your other service, it will go straight to the IPv4 local host address.
Hope that helps!
G'luck, Peter
And in addition, if you want to know which service is already listening to a port, you can use: sudo lsof -nP -iTCP:465 -sTCP:LISTEN
On Fri, May 17, 2019 at 9:07 AM Peter Pentchev roam@ringlet.net wrote:
On Fri, May 17, 2019 at 01:54:47PM +1000, James Brown wrote:
Can anyone tell me why It tries ::1:25 first and fails before connecting
to 127.0.0.1:25?
2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] accepted connection
from ::ffff:192.168.1.76:49170
2019.05.17 13:48:34 LOG3[21]: s_connect: connect ::1:25: Connection
refused (61)
2019.05.17 13:48:34 LOG5[21]: s_connect: connected 127.0.0.1:25 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] connected remote server
from 127.0.0.1:56701
/usr/local/etc/stunnel/stunnel.conf has:
[ssmtp465] client = no accept = 465 connect = 25 options = NO_SSLv2 #transparent = source
You have specified only a port number, not an address; thus, stunnel assumes the local host address. You have not explicitly told it to only use IPv4 addresses, so it tries the IPv6 local host address (::1) first; when that fails, it falls back to the IPv4 local host address (127.0.0.1).
If you change the line to "connect = 127.0.0.1:25" like for your other service, it will go straight to the IPv4 local host address.
Hope that helps!
G'luck, Peter
-- Peter Pentchev roam@{ringlet.net,debian.org,FreeBSD.org} pp@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
On 17 May 2019, at 5:07 pm, Peter Pentchev roam@ringlet.net wrote:
On Fri, May 17, 2019 at 01:54:47PM +1000, James Brown wrote:
Can anyone tell me why It tries ::1:25 first and fails before connecting to 127.0.0.1:25?
2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] accepted connection from ::ffff:192.168.1.76:49170 2019.05.17 13:48:34 LOG3[21]: s_connect: connect ::1:25: Connection refused (61) 2019.05.17 13:48:34 LOG5[21]: s_connect: connected 127.0.0.1:25 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] connected remote server from 127.0.0.1:56701
/usr/local/etc/stunnel/stunnel.conf has:
[ssmtp465] client = no accept = 465 connect = 25 options = NO_SSLv2 #transparent = source
You have specified only a port number, not an address; thus, stunnel assumes the local host address. You have not explicitly told it to only use IPv4 addresses, so it tries the IPv6 local host address (::1) first; when that fails, it falls back to the IPv4 local host address (127.0.0.1).
If you change the line to "connect = 127.0.0.1:25" like for your other service, it will go straight to the IPv4 local host address.
Hope that helps!
G'luck, Peter
Perfect, that worked - Thanks Peter
(Obvious now that I think of it!)
James.
-
Flo Rance -
James Brown -
Peter Pentchev