[stunnel-users] 4.26 works OK, 4.27 will not POP email
Jeff Salisbury
Jeff at BeaconPlanning.com
Wed Jun 17 19:19:15 CEST 2009
Guy, Your suggestion fixed the problem. Thank you!
Regards, Jeff
Guy wrote:
> Jeff Salisbury wrote:
>
>
>> Greetings, We have been using Stunnel 4.26 to facilitate the
>> sending and receiving of email with an email client that is not
>> SSL enabled. Version 4.26 has been working great. However, when
>> we upgrade to 4.27, we are unable to POP email (we can send
>> email). We did not change our Stunnel.conf file.
>>
>> Can anyone advise us what we need to do to get 4.27 working?
>> I've included our Stunnel.conf file contents, and the Stunnel log
>> output below.
>>
>>
>
>
>
> Try: sslVersion = TLSv1
>
>
> See below.
>
>
>
> Your Modified Configuration File:
>
> #####
> # GLOBAL OPTIONS
>
> client = yes
> #output = C:\Documents and Settings\All Users\Application Data\stunnel-log.txt
> debug = 7
> taskbar = yes
>
> sslVersion = TLSv1
>
> # SERVICE-LEVEL OPTIONS
>
> [pop3]
> accept=995
> connect=mail.OurPOP.com:995
>
> [smtp]
> accept=465
> connect=mail.OurSMTP.com:465
> #
> #####
>
>
>
> Configuration File Used:
>
> #####
> #
> client = yes
> debug = debug
> output = _test.log
> rndbytes = 256
> rndfile = t:\tmp\randseed.bin
> socket = l:TCP_NODELAY=1
> socket = r:TCP_NODELAY=1
>
> sslVersion = TLSv1
>
> [YOUR-POP3S]
> accept=TUNNEL-01:110
> connect=216.97.239.60:995
>
> [YOUR-SMTPS]
> accept=TUNNEL-01:25
> connect=216.97.239.60:465
> #
> #####
>
>
>
> Stunnel Debug Output Log:
>
> Snagged 256 random bytes from t:\tmp\randseed.bin
> Wrote 1024 new random bytes to t:\tmp\randseed.bin
> RAND_status claims sufficient entropy for the PRNG
> PRNG seeded successfully
> SSL context initialized for service YOUR-POP3S
> SSL context initialized for service YOUR-SMTPS
> stunnel 4.27 on x86-pc-mingw32-gnu with OpenSSL 0.9.8k 25 Mar 2009
> Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6
> No limit detected for the number of clients
> FD 1884 in non-blocking mode
> SO_REUSEADDR option set on accept socket
> YOUR-POP3S bound to 127.0.10.1:110
> FD 1876 in non-blocking mode
> SO_REUSEADDR option set on accept socket
> YOUR-SMTPS bound to 127.0.10.1:25
> YOUR-POP3S accepted FD=1860 from 127.0.10.1:1599
> Creating a new thread
> New thread created
> YOUR-POP3S started
> FD 1860 in non-blocking mode
> TCP_NODELAY option set on local socket
> YOUR-POP3S accepted connection from 127.0.10.1:1599
> FD 1836 in non-blocking mode
> connect_blocking: connecting 216.97.239.60:995
> connect_blocking: s_poll_wait 216.97.239.60:995: waiting 10 seconds
> connect_blocking: connected 216.97.239.60:995
> YOUR-POP3S connected remote server from 10.10.10.10:1600
> Remote FD=1836 initialized
> TCP_NODELAY option set on remote socket
> SSL state (connect): before/connect initialization
> SSL state (connect): SSLv3 write client hello A
> SSL state (connect): SSLv3 read server hello A
> SSL state (connect): SSLv3 read server certificate A
> SSL state (connect): SSLv3 read server done A
> SSL state (connect): SSLv3 write client key exchange A
> SSL state (connect): SSLv3 write change cipher spec A
> SSL state (connect): SSLv3 write finished A
> SSL state (connect): SSLv3 flush data
> SSL state (connect): SSLv3 read finished A
> 1 items in the session cache
> 1 client connects (SSL_connect())
> 1 client connects that finished
> 0 client renegotiations requested
> 0 server connects (SSL_accept())
> 0 server connects that finished
> 0 server renegotiations requested
> 0 session cache hits
> 0 session cache misses
> 0 session cache timeouts
> SSL connected: new session negotiated
> Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
> Socket closed on read
> SSL write shutdown
> SSL alert (write): warning: close notify
> SSL socket closed on SSL_shutdown
> Socket write shutdown
> Connection closed: 49 bytes sent to SSL, 90 bytes sent to socket
> YOUR-POP3S finished (0 left)
> YOUR-SMTPS accepted FD=1844 from 127.0.10.1:1601
> Creating a new thread
> New thread created
> YOUR-SMTPS started
> FD 1844 in non-blocking mode
> TCP_NODELAY option set on local socket
> YOUR-SMTPS accepted connection from 127.0.10.1:1601
> FD 1836 in non-blocking mode
> connect_blocking: connecting 216.97.239.60:465
> connect_blocking: s_poll_wait 216.97.239.60:465: waiting 10 seconds
> connect_blocking: connected 216.97.239.60:465
> YOUR-SMTPS connected remote server from 10.10.10.10:1602
> Remote FD=1836 initialized
> TCP_NODELAY option set on remote socket
> SSL state (connect): before/connect initialization
> SSL state (connect): SSLv3 write client hello A
> SSL state (connect): SSLv3 read server hello A
> SSL state (connect): SSLv3 read server certificate A
> SSL state (connect): SSLv3 read server done A
> SSL state (connect): SSLv3 write client key exchange A
> SSL state (connect): SSLv3 write change cipher spec A
> SSL state (connect): SSLv3 write finished A
> SSL state (connect): SSLv3 flush data
> SSL state (connect): SSLv3 read finished A
> 1 items in the session cache
> 1 client connects (SSL_connect())
> 1 client connects that finished
> 0 client renegotiations requested
> 0 server connects (SSL_accept())
> 0 server connects that finished
> 0 server renegotiations requested
> 0 session cache hits
> 0 session cache misses
> 0 session cache timeouts
> SSL connected: new session negotiated
> Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
> Socket closed on read
> SSL write shutdown
> SSL alert (write): warning: close notify
> SSL socket closed on SSL_shutdown
> Socket write shutdown
> Connection closed: 78 bytes sent to SSL, 423 bytes sent to socket
> YOUR-SMTPS finished (0 left)
>
>
>
> POP3 Transaction Log:
>
> CONNECT : Looking up host name TUNNEL-01...
> CONNECT : Host name TUNNEL-01 found
> CONNECT : Connecting to host TUNNEL-01 [127.0.10.1:110]...
> CONNECT : Connected to host TUNNEL-01 [127.0.10.1:110]
> POP REPLY : +OK Hello there.
> POP SEND : USER username
> POP REPLY : +OK Password required.
> POP SEND : PASS **********
> POP REPLY : -ERR Login failed.
> POP SEND : QUIT
> POP REPLY : +OK Better luck next time.
> DISCONNECT: Disconnected from server
>
>
>
> SMTP Transaction Log:
>
> CONNECT : Looking up host name TUNNEL-01...
> CONNECT : Host name TUNNEL-01 found
> CONNECT : Connecting to host TUNNEL-01 [127.0.10.1:25]...
> CONNECT : Connected to host TUNNEL-01 [127.0.10.1:25]
> SMTP REPLY: 220-crimson.lunarbreeze.com ESMTP Exim 4.69 #1 Tue, 16 Jun 2009 14:45:25 -0700
> SMTP SEND : EHLO computername
> SMTP REPLY: 250-crimson.lunarbreeze.com Hello 123,123.123.123 [123,123.123.123]
> SMTP REPLY: 250-SIZE 52428800
> SMTP REPLY: 250-PIPELINING
> SMTP REPLY: 250-AUTH PLAIN LOGIN
> SMTP REPLY: 250 HELP
> SMTP SEND : AUTH PLAIN xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==
> SMTP REPLY: 535 Incorrect authentication data
> SMTP SEND : QUIT
> SMTP REPLY: 221 crimson.lunarbreeze.com closing connection
> DISCONNECT: Disconnected from server
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20090617/8582291b/attachment.html>
More information about the stunnel-users
mailing list