[stunnel-users] Error with negotiation OK
Alix Janeth Jerez
alixj at hotmail.com
Tue May 15 12:56:29 CEST 2018
Hi Flo:
I used 465 port, because is the information that sent service provider
If you see this lines, it connect succesfully, or not?
2018.05.14 12:59:34 LOG6[37]: s_connect: connecting 212.227.15.158:465
2018.05.14 12:59:34 LOG7[37]: s_connect: s_poll_wait 212.227.15.158:465: waiting 10 seconds
2018.05.14 12:59:34 LOG5[37]: s_connect: connected 212.227.15.158:465
2018.05.14 12:59:34 LOG5[37]: Service [pseudo-ssmtp] connected remote server from 172.31.41.84:53558
Best regards,
________________________________
De: Flo Rance <trourance at gmail.com>
Enviado: martes, 15 de mayo de 2018 10:28
Para: Alix Janeth Jerez
Cc: stunnel-users at stunnel.org
Asunto: Re: [stunnel-users] Error with negotiation OK
Hi,
The problem was because you used port 465 (SSL) instead of 587 (STARTTLS). It doesn't seem that 1&1 smtp supports connection on port 465.
Flo
On Tue, May 15, 2018 at 12:16 PM, Alix Janeth Jerez <alixj at hotmail.com<mailto:alixj at hotmail.com>> wrote:
Hi Flo:
Thanks for replying.
With gmail account it works ok.
I setted 1and1 mail account in outlook client with the parameters smtp.1and1.es<http://smtp.1and1.es> port 587 and I can send and receive emails.
Thanks a lot.
Best regards,
________________________________
De: Flo Rance <trourance at gmail.com<mailto:trourance at gmail.com>>
Enviado: martes, 15 de mayo de 2018 10:04
Para: Alix Janeth Jerez
Cc: stunnel-users at stunnel.org<mailto:stunnel-users at stunnel.org>
Asunto: Re: [stunnel-users] Error with negotiation OK
Hi,
IMO, this problem has nothing to do with stunnel.
There are plenty of issues reported on the web, most of them related to Outlook.
Does it happen with all email addresses or a specific one ?
Flo
On Tue, May 15, 2018 at 9:56 AM, Alix Janeth Jerez <alixj at hotmail.com<mailto:alixj at hotmail.com>> wrote:
Hi
I am using lastest stunnel version.
When i try to send an email, i get:
"error permanente de SMTP: 503 Bad sequence of commands".
This is the trace generated when I try to send an email.
2018.05.14 12:59:08 LOG5[main]: Reading configuration from file stunnel.conf
2018.05.14 12:59:08 LOG5[main]: UTF-8 byte order mark not detected
2018.05.14 12:59:08 LOG5[main]: FIPS mode disabled
2018.05.14 12:59:08 LOG5[main]: Configuration successful
2018.05.14 12:59:08 LOG7[main]: Binding service [pseudo-ssmtp]
2018.05.14 12:59:08 LOG7[main]: Listening file descriptor created (FD=568)
2018.05.14 12:59:08 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket
2018.05.14 12:59:08 LOG7[main]: Service [pseudo-ssmtp] (FD=568) bound to 172.31.41.84:116<http://172.31.41.84:116>
2018.05.14 12:59:08 LOG7[main]: Signal pipe is empty
2018.05.14 12:59:22 LOG7[main]: Found 1 ready file descriptor(s)
2018.05.14 12:59:22 LOG7[main]: FD=324 ifds=r-x ofds=r--
2018.05.14 12:59:22 LOG7[main]: Dispatching signals from the signal pipe
2018.05.14 12:59:22 LOG7[main]: Processing SIGNAL_RELOAD_CONFIG
2018.05.14 12:59:22 LOG7[main]: Running on Windows 6.1
2018.05.14 12:59:22 LOG5[main]: Reading configuration from file stunnel.conf
2018.05.14 12:59:22 LOG5[main]: UTF-8 byte order mark not detected
2018.05.14 12:59:22 LOG5[main]: FIPS mode disabled
2018.05.14 12:59:22 LOG7[main]: Compression disabled
2018.05.14 12:59:22 LOG7[main]: Snagged 64 random bytes from C:/.rnd
2018.05.14 12:59:22 LOG7[main]: Wrote 1024 new random bytes to C:/.rnd
2018.05.14 12:59:22 LOG7[main]: PRNG seeded successfully
2018.05.14 12:59:22 LOG6[main]: Initializing service [pseudo-ssmtp]
2018.05.14 12:59:22 LOG7[main]: Ciphers: HIGH:!DH:!aNULL:!SSLv2
2018.05.14 12:59:22 LOG7[main]: TLS options: 0x03000004 (+0x03000000, 0x00000000)
2018.05.14 12:59:22 LOG6[main]: Loading certificate from file: stunnel.pem
2018.05.14 12:59:22 LOG6[main]: Certificate loaded from file: stunnel.pem
2018.05.14 12:59:22 LOG6[main]: Loading private key from file: stunnel.pem
2018.05.14 12:59:22 LOG6[main]: Private key loaded from file: stunnel.pem
2018.05.14 12:59:22 LOG7[main]: Private key check succeeded
2018.05.14 12:59:22 LOG5[main]: Configuration successful
2018.05.14 12:59:22 LOG7[main]: Unbinding service [pseudo-ssmtp]
2018.05.14 12:59:22 LOG7[main]: Service [pseudo-ssmtp] closed (FD=568)
2018.05.14 12:59:22 LOG7[main]: Service [pseudo-ssmtp] closed
2018.05.14 12:59:22 LOG7[main]: Binding service [pseudo-ssmtp]
2018.05.14 12:59:22 LOG7[main]: Listening file descriptor created (FD=568)
2018.05.14 12:59:22 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket
2018.05.14 12:59:22 LOG7[main]: Service [pseudo-ssmtp] (FD=568) bound to 172.31.41.84:116<http://172.31.41.84:116>
2018.05.14 12:59:22 LOG7[main]: Signal pipe is empty
2018.05.14 12:59:34 LOG7[main]: Found 1 ready file descriptor(s)
2018.05.14 12:59:34 LOG7[main]: FD=324 ifds=r-x ofds=---
2018.05.14 12:59:34 LOG7[main]: Service [pseudo-ssmtp] accepted (FD=584) from 172.31.41.84:53557<http://172.31.41.84:53557>
2018.05.14 12:59:34 LOG7[main]: Creating a new thread
2018.05.14 12:59:34 LOG7[main]: New thread created
2018.05.14 12:59:34 LOG7[37]: Service [pseudo-ssmtp] started
2018.05.14 12:59:34 LOG7[37]: Option TCP_NODELAY set on local socket
2018.05.14 12:59:34 LOG5[37]: Service [pseudo-ssmtp] accepted connection from 172.31.41.84:53557<http://172.31.41.84:53557>
2018.05.14 12:59:34 LOG6[37]: failover: round-robin, starting at entry #1
2018.05.14 12:59:34 LOG6[37]: s_connect: connecting 212.227.15.158:465<http://212.227.15.158:465>
2018.05.14 12:59:34 LOG7[37]: s_connect: s_poll_wait 212.227.15.158:465<http://212.227.15.158:465>: waiting 10 seconds
2018.05.14 12:59:34 LOG5[37]: s_connect: connected 212.227.15.158:465<http://212.227.15.158:465>
2018.05.14 12:59:34 LOG5[37]: Service [pseudo-ssmtp] connected remote server from 172.31.41.84:53558<http://172.31.41.84:53558>
2018.05.14 12:59:34 LOG7[37]: Option TCP_NODELAY set on remote socket
2018.05.14 12:59:34 LOG7[37]: Remote descriptor (FD=552) initialized
2018.05.14 12:59:34 LOG6[37]: SNI: sending servername: smtp.1and1.es<http://smtp.1and1.es>
2018.05.14 12:59:34 LOG6[37]: Peer certificate required
2018.05.14 12:59:34 LOG7[37]: TLS state (connect): before/connect initialization
2018.05.14 12:59:34 LOG7[37]: TLS state (connect): SSLv2/v3 write client hello A
2018.05.14 12:59:34 LOG7[37]: TLS state (connect): SSLv3 read server hello A
2018.05.14 12:59:34 LOG7[37]: Verification started at depth=2: C=US, O="thawte, Inc.", OU=Certification Services Division, OU="(c) 2006 thawte, Inc. - For authorized use only", CN=thawte Primary Root CA
2018.05.14 12:59:34 LOG7[37]: CERT: Pre-verification succeeded
2018.05.14 12:59:34 LOG7[37]: OCSP: Ignoring root certificate
2018.05.14 12:59:34 LOG6[37]: Certificate accepted at depth=2: C=US, O="thawte, Inc.", OU=Certification Services Division, OU="(c) 2006 thawte, Inc. - For authorized use only", CN=thawte Primary Root CA
2018.05.14 12:59:34 LOG7[37]: Verification started at depth=1: C=US, O="thawte, Inc.", CN=thawte SSL CA - G2
2018.05.14 12:59:34 LOG7[37]: CERT: Pre-verification succeeded
2018.05.14 12:59:34 LOG5[37]: OCSP: Connecting the AIA responder "http://t2.symcb.com"
2018.05.14 12:59:34 LOG6[37]: s_connect: connecting 23.5.251.27:80<http://23.5.251.27:80>
2018.05.14 12:59:34 LOG7[37]: s_connect: s_poll_wait 23.5.251.27:80<http://23.5.251.27:80>: waiting 10 seconds
2018.05.14 12:59:34 LOG5[37]: s_connect: connected 23.5.251.27:80<http://23.5.251.27:80>
2018.05.14 12:59:34 LOG7[37]: OCSP: Connected t2.symcb.com:80<http://t2.symcb.com:80>
2018.05.14 12:59:34 LOG7[37]: OCSP: Response received
2018.05.14 12:59:34 LOG6[37]: OCSP: Status: good
2018.05.14 12:59:34 LOG6[37]: OCSP: This update: May 13 18:15:02 2018 GMT
2018.05.14 12:59:34 LOG6[37]: OCSP: Next update: May 20 18:15:02 2018 GMT
2018.05.14 12:59:34 LOG5[37]: OCSP: Certificate accepted
2018.05.14 12:59:34 LOG6[37]: Certificate accepted at depth=1: C=US, O="thawte, Inc.", CN=thawte SSL CA - G2
2018.05.14 12:59:34 LOG7[37]: Verification started at depth=0: C=DE, ST=Rheinland-Pfalz, L=Montabaur, O=1&1 Internet SE, CN=smtp.1and1.es<http://smtp.1and1.es>
2018.05.14 12:59:34 LOG7[37]: CERT: Pre-verification succeeded
2018.05.14 12:59:34 LOG6[37]: CERT: Host name "smtp.1and1.es<http://smtp.1and1.es>" matched with "smtp.1and1.es<http://smtp.1and1.es>"
2018.05.14 12:59:34 LOG5[37]: OCSP: Connecting the AIA responder "http://tj.symcd.com"
2018.05.14 12:59:34 LOG6[37]: s_connect: connecting 23.5.251.27:80<http://23.5.251.27:80>
2018.05.14 12:59:34 LOG7[37]: s_connect: s_poll_wait 23.5.251.27:80<http://23.5.251.27:80>: waiting 10 seconds
2018.05.14 12:59:35 LOG5[37]: s_connect: connected 23.5.251.27:80<http://23.5.251.27:80>
2018.05.14 12:59:35 LOG7[37]: OCSP: Connected tj.symcd.com:80<http://tj.symcd.com:80>
2018.05.14 12:59:35 LOG7[37]: OCSP: Response received
2018.05.14 12:59:35 LOG6[37]: OCSP: Status: good
2018.05.14 12:59:35 LOG6[37]: OCSP: This update: May 14 01:38:59 2018 GMT
2018.05.14 12:59:35 LOG6[37]: OCSP: Next update: May 21 01:38:59 2018 GMT
2018.05.14 12:59:35 LOG5[37]: OCSP: Certificate accepted
2018.05.14 12:59:35 LOG5[37]: Certificate accepted at depth=0: C=DE, ST=Rheinland-Pfalz, L=Montabaur, O=1&1 Internet SE, CN=smtp.1and1.es<http://smtp.1and1.es>
2018.05.14 12:59:35 LOG7[37]: TLS state (connect): SSLv3 read server certificate A
2018.05.14 12:59:35 LOG7[37]: TLS state (connect): SSLv3 read server key exchange A
2018.05.14 12:59:35 LOG6[37]: Client certificate not requested
2018.05.14 12:59:35 LOG7[37]: TLS state (connect): SSLv3 read server done A
2018.05.14 12:59:35 LOG7[37]: TLS state (connect): SSLv3 write client key exchange A
2018.05.14 12:59:35 LOG7[37]: TLS state (connect): SSLv3 write change cipher spec A
2018.05.14 12:59:35 LOG7[37]: TLS state (connect): SSLv3 write finished A
2018.05.14 12:59:35 LOG7[37]: TLS state (connect): SSLv3 flush data
2018.05.14 12:59:35 LOG7[37]: TLS state (connect): SSLv3 read finished A
2018.05.14 12:59:35 LOG7[37]: 1 client connect(s) requested
2018.05.14 12:59:35 LOG7[37]: 1 client connect(s) succeeded
2018.05.14 12:59:35 LOG7[37]: 0 client renegotiation(s) requested
2018.05.14 12:59:35 LOG7[37]: 0 session reuse(s)
2018.05.14 12:59:35 LOG6[37]: TLS connected: new session negotiated
2018.05.14 12:59:35 LOG7[37]: Peer certificate was cached (5543 bytes)
2018.05.14 12:59:35 LOG6[37]: Negotiated TLSv1.2 ciphersuite ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption)
2018.05.14 12:59:35 LOG7[37]: Compression: null, expansion: null
2018.05.14 12:59:53 LOG3[36]: transfer: s_poll_wait: TIMEOUTclose exceeded: closing
2018.05.14 12:59:53 LOG5[36]: Connection closed: 15 byte(s) sent to TLS, 166 byte(s) sent to socket
I can't find the error.
Thanks in advance for your help.
Best regards,
Alix
_______________________________________________
stunnel-users mailing list
stunnel-users at stunnel.org<mailto:stunnel-users at stunnel.org>
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20180515/f4479d29/attachment.html>
More information about the stunnel-users
mailing list