[stunnel-users] SMTP out via Comcast stopped working

Carlos Rodriguez carlosrafi at gmail.com
Fri Nov 29 23:07:49 CET 2019


All:

I have had this setup working fine since Comcast blocked port 25 and
recently stopped working.

This is a MS Small Business Server 2003 with Exchange, I know, old and
obsolete but I would like to keep it working until I migrate to Linux.

Anyway, right now I also have my desktop, Win10, using the same SMTP
settings for the Acronis backup event results and it can send me
emails just fine, just tested this.  So it is not my firewall or
Comcast.  I'm missing something in the settings of stunnel.

Below are my settings and log file.  Any suggestions will be appreciated.

        Carlos



taskbar = yes
[SSLsmtp]
client = yes
accept = localhost:555
connect = smtp.comcast.net:587
protocol = smtp
CAfile = ca-certs.pem
protocolUsername = verifiedusername
protocolPassword = verifiedpassword
debug = 7


================================================
2019.11.29 16:31:24 LOG5[main]: stunnel 5.49 on x86-pc-msvc-1500 platform
2019.11.29 16:31:24 LOG5[main]: Compiled/running with OpenSSL
1.0.2p-fips  14 Aug 2018
2019.11.29 16:31:24 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6
TLS:ENGINE,FIPS,OCSP,PSK,SNI
2019.11.29 16:31:24 LOG5[main]: Reading configuration from file stunnel.conf
2019.11.29 16:31:24 LOG5[main]: UTF-8 byte order mark detected
2019.11.29 16:31:24 LOG5[main]: FIPS mode disabled
2019.11.29 16:31:26 LOG4[main]: Service [SSLsmtp] needs authentication
to prevent MITM attacks
2019.11.29 16:31:26 LOG5[main]: Configuration successful
2019.11.29 16:34:12 LOG7[0]: Service [SSLsmtp] started
2019.11.29 16:34:12 LOG7[0]: Setting local socket options (FD=264)
2019.11.29 16:34:12 LOG7[0]: Option TCP_NODELAY set on local socket
2019.11.29 16:34:12 LOG5[0]: Service [SSLsmtp] accepted connection
from 127.0.0.1:1268
2019.11.29 16:34:12 LOG6[0]: s_connect: connecting 96.114.157.81:587
2019.11.29 16:34:12 LOG7[0]: s_connect: s_poll_wait 96.114.157.81:587:
waiting 10 seconds
2019.11.29 16:34:12 LOG5[0]: s_connect: connected 96.114.157.81:587
2019.11.29 16:34:12 LOG5[0]: Service [SSLsmtp] connected remote server
from 10.10.10.99:1269
2019.11.29 16:34:12 LOG7[0]: Setting remote socket options (FD=288)
2019.11.29 16:34:12 LOG7[0]: Option TCP_NODELAY set on remote socket
2019.11.29 16:34:12 LOG7[0]: Remote descriptor (FD=288) initialized
2019.11.29 16:34:12 LOG7[0]:  <- 220 resomta-po-02v.sys.comcast.net
resomta-po-02v.sys.comcast.net ESMTP server ready
2019.11.29 16:34:12 LOG7[0]:  -> 220 resomta-po-02v.sys.comcast.net
resomta-po-02v.sys.comcast.net ESMTP server ready
2019.11.29 16:34:12 LOG7[0]:  -> EHLO localhost
2019.11.29 16:34:12 LOG7[0]:  <- 250-resomta-po-02v.sys.comcast.net
hello [71.206.38.109], pleased to meet you
2019.11.29 16:34:12 LOG7[0]:  <- 250-HELP
2019.11.29 16:34:12 LOG7[0]:  <- 250-SIZE 36700160
2019.11.29 16:34:12 LOG7[0]:  <- 250-ENHANCEDSTATUSCODES
2019.11.29 16:34:12 LOG7[0]:  <- 250-8BITMIME
2019.11.29 16:34:12 LOG7[0]:  <- 250-STARTTLS
2019.11.29 16:34:12 LOG7[0]:  <- 250 OK
2019.11.29 16:34:12 LOG7[0]:  -> STARTTLS
2019.11.29 16:34:12 LOG7[0]:  <- 220 2.0.0 Ready to start TLS
2019.11.29 16:34:12 LOG6[0]: SNI: sending servername: smtp.comcast.net
2019.11.29 16:34:12 LOG6[0]: Peer certificate not required
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): before/connect initialization
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv2/v3 write client hello A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server hello A
2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled
2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled
2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled
2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server
certificate A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server
key exchange A
2019.11.29 16:34:12 LOG6[0]: Client certificate not requested
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server done A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write client
key exchange A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write change
cipher spec A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write finished A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 flush data
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server
session ticket A
2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read finished A
2019.11.29 16:34:12 LOG7[0]: New session callback
2019.11.29 16:34:12 LOG7[0]: Peer certificate was cached (6814 bytes)
2019.11.29 16:34:12 LOG6[0]: Session id:
11C16B28FFB4A3A4EDC164CA65C3F20A896BF61C4D3B09F571E4285CFD0C82B3
2019.11.29 16:34:12 LOG7[0]:      1 client connect(s) requested
2019.11.29 16:34:12 LOG7[0]:      1 client connect(s) succeeded
2019.11.29 16:34:12 LOG7[0]:      0 client renegotiation(s) requested
2019.11.29 16:34:12 LOG7[0]:      0 session reuse(s)
2019.11.29 16:34:12 LOG6[0]: TLS connected: new session negotiated
2019.11.29 16:34:12 LOG6[0]: TLSv1.2 ciphersuite:
ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption)
2019.11.29 16:34:12 LOG7[0]: Compression: null, expansion: null
2019.11.29 16:34:12 LOG7[0]:  -> AUTH PLAIN
AGNhcmxvc3JyQGNvbWNhc3QubmV0AFNveTFjYXJpZHVybw==
2019.11.29 16:34:12 LOG7[0]:  <- 500 command unrecognized
2019.11.29 16:34:12 LOG3[0]: PLAIN Authentication Failed
2019.11.29 16:34:12 LOG5[0]: Connection reset: 0 byte(s) sent to TLS,
0 byte(s) sent to socket
2019.11.29 16:34:12 LOG7[0]: Remote descriptor (FD=288) closed
2019.11.29 16:34:12 LOG7[0]: Local descriptor (FD=264) closed
2019.11.29 16:34:12 LOG7[0]: Service [SSLsmtp] finished (0 left)


More information about the stunnel-users mailing list