[stunnel-users] How use certificates with stunnel -- Newbie question
Shatadal
shatadal at vfemail.net
Thu Nov 25 22:46:28 CET 2004
Hi,
I am a new user of stunnel and I am using it to connect to some SSL
enabled e-mail accounts. Instead of directly connecting to the mail
server I am connecting to it via stunnel so that my e-mail scanner scan
the messages before sending it to the mail server (it does not natively
support SSL connections)
My setup:
OS: Win XP Home edition. All updates are installed except for service
pack 2.
E-mail client: Mozilla Thunderbird 0.9
E-mail scanner : Alwil Avast 4.5
I have an e-mail account at myisp.com. To connect to myisp I need to
enable SSL. On connecting via SSL I get a certificate which I can choose
to accept permanently, temporarily for the current session or reject it.
Alwil Avast mail scanner does not support scanning of e-mail sent and
received over SSL. So to enable it to scan such e-mail, my client
connects to localhost where stunnel is listening and stunnel forwards
the connection to my isp.
This is my stunnel.conf file
# IMAP service, listens on localhost:1200
[myisp-imaps]
accept=localhost:1200
connect=myisp.com:993
# SMTP service, listens on localhost:260
[myisp-smtps]
accept=localhost:260
connect=myisp.com:25
Unfortunately while the IMAP connection works perfectly the SMTP does
not. Thunderbird keeps sending the message until I cancel it.
This is the log file
2004.11.25 03:10:03 LOG5[2508:3848]: myisp-smtps connected from
127.0.0.1:2751
2004.11.25 03:10:08 LOG3[2508:3848]: SSL_connect: 1408F10B:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2004.11.25 03:11:03 LOG5[2508:192]: myisp-smtps connected from
127.0.0.1:2755
2004.11.25 03:11:08 LOG3[2508:192]: SSL_connect: 1408F10B:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2004.11.25 13:36:40 LOG5[2508:2112]: myisp-smtps connected from
127.0.0.1:4818
2004.11.25 13:36:45 LOG3[2508:2112]: SSL_connect: 1408F10B:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2004.11.25 14:01:44 LOG5[2508:3208]: myisp-smtps connected from
127.0.0.1:1188
2004.11.25 14:01:50 LOG3[2508:3208]: SSL_connect: 1408F10B:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
I am guessing the problem is something to do with the handling of the
certificate I get when I use my client to connect directly to the SMTP
server via SSL.
Can someone explain to me how to make stunnel accept the certificate and
continue the SSL transaction? I tried to read through the faq for
certificates but I couldn't understand how it was to be done.
Thanks,
Shatadal.
---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 0448-0, 11/23/2004
Tested on: 11/25/2004 3:46:33 PM
avast! - copyright (c) 2000-2004 ALWIL Software.
http://www.avast.com
More information about the stunnel-users
mailing list