[stunnel-users] stunnel and Calypso: pop3 works, smtp error!
Daniel Rahn
drahn at suse.com
Fri Dec 13 08:13:59 CET 2013
On Fri, Dec 13, Michael D. Setzer II wrote:
> I tried to ssh mail.gmx.net 465 and got nothing back??
Because it's not an SSH server. Unsurprisingly.
# openssl s_client -host mail.gmx.net -port 465 -status
CONNECTED(00000003)
OCSP response: no response sent
depth=2 C = DE, O = Deutsche Telekom AG, OU = T-TeleSec Trust Center, CN
= Deutsche Telekom Root CA 2
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/C=DE/O=1&1 Mail & Media
GmbH/ST=Rhineland-Palatinate/L=Montabaur/emailAddress=server-certs at 1und1.de/CN=mail.gmx.net
i:/C=DE/O=T-Systems International GmbH/OU=T-Systems Trust
Center/ST=NRW/postalCode=57250/L=Netphen/street=Untere Industriestr.
20/CN=TeleSec ServerPass DE-1
1 s:/C=DE/O=T-Systems International GmbH/OU=T-Systems Trust
Center/ST=NRW/postalCode=57250/L=Netphen/street=Untere Industriestr.
20/CN=TeleSec ServerPass DE-1
i:/C=DE/O=Deutsche Telekom AG/OU=T-TeleSec Trust Center/CN=Deutsche
Telekom Root CA 2
2 s:/C=DE/O=Deutsche Telekom AG/OU=T-TeleSec Trust Center/CN=Deutsche
Telekom Root CA 2
i:/C=DE/O=Deutsche Telekom AG/OU=T-TeleSec Trust Center/CN=Deutsche
Telekom Root CA 2
---
Server certificate
[...]
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
DE1F866537BEBC918D4ED5F2C80695D00C4EEADC681868184F4600ADEF98DF34
Session-ID-ctx:
Master-Key:
7AA0E1590104F794AAD326298EB469F7A6B24AF4A5D4C4B1CC850D64DAA26C79654E2E9FE361A6BF7975B07B42FBE6A1
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1386917709
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate
chain)
---
220 gmx.com (mrgmx001) Nemesis ESMTP Service ready
I suggest disabling secure password authentication in Calypso. stunnel
already establishes an SSL secured connection.
220 gmx.com (mrgmx001) Nemesis ESMTP Service ready
EHLO charybdis-ext.suse.de
250-gmx.com Hello charybdis-ext.suse.de [195.135.221.2]
250-SIZE 69920427
250 AUTH LOGIN PLAIN
So only auth plain login is supported there.
-Daniel
More information about the stunnel-users
mailing list