Project

General

Profile

Actions

Bug #10922

closed

Gmail smtp relay TLS stopped working.

Added by Anton Palmgard about 1 year ago. Updated about 1 year ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
stunnel
Target version:
-
Start date:
09/21/2020
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

Hi, a few days ago up to a week my stunnel connection to smtp-gmail.gmail.com. stopped working with the error:

ep 21 17:25:57 stunnel LOG50: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
Sep 21 17:25:57 stunnel LOG30: Remote server is not RFC 1425 compliant
Sep 21 17:25:57 stunnel LOG50: Service [to_gmail] connected remote server from xxx.xxx.xxx.xxx:29662

Tried from 2 different Locations / sites (i.e companies) same error. The relay work fine without client settings but that leaves TLS to the endpoint.. Office 365 relay works fine with TLS. Contacted Google support but the claimed nothing have been changed. I assume somehting with the TLS version/ CIPHERS is wrong ?

Actions #1

Updated by Jim Pingle about 1 year ago

  • Category set to stunnel
Actions #2

Updated by Viktor Gurov about 1 year ago

  • Status changed from New to Rejected

no such issue on pfSense 2.4.5-p1, pfSense-pkg-stunnel-5.50_4

/usr/local/etc/stunnel/stunnel.conf:

cert = /usr/local/etc/stunnel/stunnel.pem 
chroot = /var/tmp/stunnel 
setuid = stunnel 
setgid = stunnel 

[]
client = yes
accept = 127.0.0.1:2525
connect = smtp.gmail.com:25
debug = 6
TIMEOUTclose = 0
protocol = smtp

test:

# telnet 127.0.0.1 2525
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 smtp.gmail.com ESMTP m10sm13729407edf.11 - gsmtp

works fine, keep further discussion on the forum: https://forum.netgate.com/

Actions #3

Updated by Anton Palmgard about 1 year ago

Hi to clarify we use, smtp-relay.gmail.com as this is used by gsuite.

Actions #4

Updated by Viktor Gurov about 1 year ago

Anton Palmgard wrote:

Hi to clarify we use, smtp-relay.gmail.com as this is used by gsuite.

/usr/local/etc/stunnel/stunnel.conf:

cert = /usr/local/etc/stunnel/stunnel.pem 
chroot = /var/tmp/stunnel 
setuid = stunnel 
setgid = stunnel 

[smtp-relay.gmail.com]
accept = 127.0.0.1:2525
connect = smtp-relay.gmail.com:25
debug = 5
TIMEOUTclose = 0
protocol = smtp

# telnet 127.0.0.1 2525
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 smtp-relay.gmail.com stunnel for ESMTP s23sm4053ljj.6 - gsmtp

same, no issues
Please use https://forum.netgate.com/ for further discussion

Actions

Also available in: Atom PDF