[stunnel-users] Incoming port ignored

Ivan De Masi de_masi at blu-it.de
Wed Mar 30 12:00:16 CEST 2016 

 

> -----Ursprüngliche Nachricht-----
> Von: Ludolf Holzheid [mailto:lholzheid at bihl-wiedemann.de] 
> Gesendet: Mittwoch, 30. März 2016 10:50
> An: stunnel-users at stunnel.org
> Cc: Ivan De Masi
> Betreff: Re: [stunnel-users] Incoming port ignored
> 
> On Wed, 2016-03-30 09:58:59 +0200, Ivan De Masi wrote:
> > [..]
> > 
> > I examined the log and what makes  me wonder is, that the 
> when fetching the
> > e-mails, the configured ports (110/143/25) seem to be ignored:
> > 
> > "Service [df-pop3s] accepted connection from 
> 127.0.0.1:1878" or "Service
> > [df-pop3s] accepted (FD=472) from 127.0.0.1:1882"
> 
> Ivan,
> 
> This is as expected.
> 
> Your mail client opens a socket which gets (presumably implicitly)
> bound to an arbitrary TCP port (1878 and 1882 in the examples above).
> It then connects to port 110, the one stunnel bound the listening
> socket to.
> 
> Each IP connection has two ends and thus two pairs of IP address and
> port number.  In your case, both, client and server use 127.0.0.1 as
> IP address, which may be the source of the confusion.

Hello Ludof,

so, what would you recommend me?

I tried also another way, setting stunnel-config like this (without
127.0.0.1):

...
accept = 110
...
accept = 143
...
accept = 25

for each service. The problem remains:

...
2016.03.30 11:51:47 LOG7[main]: Service [df-pop3s] accepted (FD=468) from
127.0.0.1:4937
2016.03.30 11:51:47 LOG7[main]: Creating a new thread
2016.03.30 11:51:47 LOG7[main]: New thread created
2016.03.30 11:51:47 LOG7[0]: Service [df-pop3s] started
2016.03.30 11:51:47 LOG5[0]: Service [df-pop3s] accepted connection from
127.0.0.1:4937
...

I *have* to configure my mail-client to use/listen on 127.0.0.1 to get in
touch with stunnel. Or is there another way?

I configured my system that way, because someone posted a "workaround" how
to solve the mess with of Aviras "blindness" when trying to scan e-mails
within a ssl-connection to the mailprovider. And it was working perfectly
that way!!! 
So I don't understand, why it is not working anymore now and it conflicts
now on localhost.

Kind regards,
Ivan

More information about the stunnel-users mailing list