Hi Carloa, Add
ProtocolAuthentication=login to your configuration and try again. Regards, Jose > On Nov 29, 2019, at 5:07 PM, Carlos Rodriguez <[email protected]> wrote: > > All: > > I have had this setup working fine since Comcast blocked port 25 and > recently stopped working. > > This is a MS Small Business Server 2003 with Exchange, I know, old and > obsolete but I would like to keep it working until I migrate to Linux. > > Anyway, right now I also have my desktop, Win10, using the same SMTP > settings for the Acronis backup event results and it can send me > emails just fine, just tested this. So it is not my firewall or > Comcast. I'm missing something in the settings of stunnel. > > Below are my settings and log file. Any suggestions will be appreciated. > > Carlos > > > > taskbar = yes > [SSLsmtp] > client = yes > accept = localhost:555 > connect = smtp.comcast.net:587 > protocol = smtp > CAfile = ca-certs.pem > protocolUsername = verifiedusername > protocolPassword = verifiedpassword > debug = 7 > > > ================================================ > 2019.11.29 16:31:24 LOG5[main]: stunnel 5.49 on x86-pc-msvc-1500 platform > 2019.11.29 16:31:24 LOG5[main]: Compiled/running with OpenSSL > 1.0.2p-fips 14 Aug 2018 > 2019.11.29 16:31:24 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 > TLS:ENGINE,FIPS,OCSP,PSK,SNI > 2019.11.29 16:31:24 LOG5[main]: Reading configuration from file stunnel.conf > 2019.11.29 16:31:24 LOG5[main]: UTF-8 byte order mark detected > 2019.11.29 16:31:24 LOG5[main]: FIPS mode disabled > 2019.11.29 16:31:26 LOG4[main]: Service [SSLsmtp] needs authentication > to prevent MITM attacks > 2019.11.29 16:31:26 LOG5[main]: Configuration successful > 2019.11.29 16:34:12 LOG7[0]: Service [SSLsmtp] started > 2019.11.29 16:34:12 LOG7[0]: Setting local socket options (FD=264) > 2019.11.29 16:34:12 LOG7[0]: Option TCP_NODELAY set on local socket > 2019.11.29 16:34:12 LOG5[0]: Service [SSLsmtp] accepted connection > from 127.0.0.1:1268 > 2019.11.29 16:34:12 LOG6[0]: s_connect: connecting 96.114.157.81:587 > 2019.11.29 16:34:12 LOG7[0]: s_connect: s_poll_wait 96.114.157.81:587: > waiting 10 seconds > 2019.11.29 16:34:12 LOG5[0]: s_connect: connected 96.114.157.81:587 > 2019.11.29 16:34:12 LOG5[0]: Service [SSLsmtp] connected remote server > from 10.10.10.99:1269 > 2019.11.29 16:34:12 LOG7[0]: Setting remote socket options (FD=288) > 2019.11.29 16:34:12 LOG7[0]: Option TCP_NODELAY set on remote socket > 2019.11.29 16:34:12 LOG7[0]: Remote descriptor (FD=288) initialized > 2019.11.29 16:34:12 LOG7[0]: <- 220 resomta-po-02v.sys.comcast.net > resomta-po-02v.sys.comcast.net ESMTP server ready > 2019.11.29 16:34:12 LOG7[0]: -> 220 resomta-po-02v.sys.comcast.net > resomta-po-02v.sys.comcast.net ESMTP server ready > 2019.11.29 16:34:12 LOG7[0]: -> EHLO localhost > 2019.11.29 16:34:12 LOG7[0]: <- 250-resomta-po-02v.sys.comcast.net > hello [71.206.38.109], pleased to meet you > 2019.11.29 16:34:12 LOG7[0]: <- 250-HELP > 2019.11.29 16:34:12 LOG7[0]: <- 250-SIZE 36700160 > 2019.11.29 16:34:12 LOG7[0]: <- 250-ENHANCEDSTATUSCODES > 2019.11.29 16:34:12 LOG7[0]: <- 250-8BITMIME > 2019.11.29 16:34:12 LOG7[0]: <- 250-STARTTLS > 2019.11.29 16:34:12 LOG7[0]: <- 250 OK > 2019.11.29 16:34:12 LOG7[0]: -> STARTTLS > 2019.11.29 16:34:12 LOG7[0]: <- 220 2.0.0 Ready to start TLS > 2019.11.29 16:34:12 LOG6[0]: SNI: sending servername: smtp.comcast.net > 2019.11.29 16:34:12 LOG6[0]: Peer certificate not required > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): before/connect > initialization > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv2/v3 write client hello > A > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server hello A > 2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled > 2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled > 2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled > 2019.11.29 16:34:12 LOG6[0]: Certificate verification disabled > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server > certificate A > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server > key exchange A > 2019.11.29 16:34:12 LOG6[0]: Client certificate not requested > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server done A > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write client > key exchange A > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write change > cipher spec A > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 write finished A > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 flush data > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read server > session ticket A > 2019.11.29 16:34:12 LOG7[0]: TLS state (connect): SSLv3 read finished A > 2019.11.29 16:34:12 LOG7[0]: New session callback > 2019.11.29 16:34:12 LOG7[0]: Peer certificate was cached (6814 bytes) > 2019.11.29 16:34:12 LOG6[0]: Session id: > 11C16B28FFB4A3A4EDC164CA65C3F20A896BF61C4D3B09F571E4285CFD0C82B3 > 2019.11.29 16:34:12 LOG7[0]: 1 client connect(s) requested > 2019.11.29 16:34:12 LOG7[0]: 1 client connect(s) succeeded > 2019.11.29 16:34:12 LOG7[0]: 0 client renegotiation(s) requested > 2019.11.29 16:34:12 LOG7[0]: 0 session reuse(s) > 2019.11.29 16:34:12 LOG6[0]: TLS connected: new session negotiated > 2019.11.29 16:34:12 LOG6[0]: TLSv1.2 ciphersuite: > ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption) > 2019.11.29 16:34:12 LOG7[0]: Compression: null, expansion: null > 2019.11.29 16:34:12 LOG7[0]: -> AUTH PLAIN > AGNhcmxvc3JyQGNvbWNhc3QubmV0AFNveTFjYXJpZHVybw== > 2019.11.29 16:34:12 LOG7[0]: <- 500 command unrecognized > 2019.11.29 16:34:12 LOG3[0]: PLAIN Authentication Failed > 2019.11.29 16:34:12 LOG5[0]: Connection reset: 0 byte(s) sent to TLS, > 0 byte(s) sent to socket > 2019.11.29 16:34:12 LOG7[0]: Remote descriptor (FD=288) closed > 2019.11.29 16:34:12 LOG7[0]: Local descriptor (FD=264) closed > 2019.11.29 16:34:12 LOG7[0]: Service [SSLsmtp] finished (0 left) > _______________________________________________ > stunnel-users mailing list > [email protected] > https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
