rejetto forum

Sendmail fails

bembudo · 5 · 14796

0 Members and 1 Guest are viewing this topic.

Offline bembudo

  • Occasional poster
  • *
    • Posts: 3
    • View Profile
Hello all,

I hope people still monitor this forum as I do not see a post since 2015, anyway I cant seem to wrap my head around the error I am getting when trying the test email function. After trying to use the default port 4650 I decided I would google alternatives and found a forum that specifies how to setup stunnel
http://www.charmedquark.com/vb_forum/showthread.php?t=7943

please see my setup below and also the logs from both sendmail & stunnel

Ive ensured stunnel service is running, restarted it a couple of times, disabled my firewall enabled DMZ on my router, however I don't seem to believe stunnel Is being blocked otherwise HTTPS would not work but it does with no problems

any help greatly appreciated


[SMTP]
protocol = smtp
client = yes
accept=5000
connect=smtp.gmail.com:465


Please see the sendemail log below:

Apr 30 21:42:17 mike-pc Email.exe[5792]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 21:43:33 mike-pc Email.exe[4736]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 21:43:44 mike-pc Email.exe[7568]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 21:46:05 mike-pc Email.exe[4400]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 21:50:09 mike-pc Email.exe[4752]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 22:17:01 mike-pc Email.exe[6788]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 22:17:05 mike-pc Email.exe[8736]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 22:18:22 mike-pc Email.exe[6872]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 22:18:30 mike-pc Email.exe[3216]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 23:38:45 mike-pc Email.exe[2184]: ERROR => localhost:4650 returned a zero byte response to our query.
Apr 30 23:49:56 mike-pc Email.exe[2568]: ERROR => localhost:4650 returned a zero byte response to our query.
May 01 14:45:06 mike-pc Email.exe[6280]: ERROR => Connection attempt to localhost:4650 failed: IO::Socket::INET: connect: Unknown error
May 01 14:45:58 mike-pc Email.exe[1812]: ERROR => Connection attempt to localhost:4650 failed: IO::Socket::INET: connect: Unknown error
May 01 14:51:49 mike-pc Email.exe[4052]: ERROR => Connection attempt to 5000:25 failed: IO::Socket::INET: connect: Unknown error


stunnel.log below

2016.05.01 14:51:26 LOG5[7820]: Service [SMTP] accepted connection from 127.0.0.1:54245
2016.05.01 14:51:26 LOG6[7820]: s_connect: connecting 173.194.204.108:465
2016.05.01 14:51:26 LOG5[7820]: s_connect: connected 173.194.204.108:465
2016.05.01 14:51:26 LOG5[7820]: Service [SMTP] connected remote server from 192.168.0.2:54246
2016.05.01 14:51:36 LOG3[7820]: Unexpected socket close (s_read)
2016.05.01 14:51:36 LOG5[7820]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2016.05.01 14:52:06 LOG5[5788]: Service [SMTP] accepted connection from 192.168.0.2:54334
2016.05.01 14:52:06 LOG6[5788]: s_connect: connecting 173.194.204.109:465
2016.05.01 14:52:06 LOG5[5788]: s_connect: connected 173.194.204.109:465
2016.05.01 14:52:06 LOG5[5788]: Service [SMTP] connected remote server from 192.168.0.2:54335
2016.05.01 14:52:16 LOG3[5788]: Unexpected socket close (s_read)
2016.05.01 14:52:16 LOG5[5788]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2016.05.01 14:52:20 LOG5[8524]: Service [SMTP] accepted connection from 192.168.0.2:54342
2016.05.01 14:52:20 LOG6[8524]: s_connect: connecting 173.194.204.108:465
2016.05.01 14:52:20 LOG5[8524]: s_connect: connected 173.194.204.108:465
2016.05.01 14:52:20 LOG5[8524]: Service [SMTP] connected remote server from 192.168.0.2:54343
2016.05.01 14:52:30 LOG3[8524]: Unexpected socket close (s_read)
2016.05.01 14:52:30 LOG5[8524]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2016.05.01 14:53:01 LOG5[7908]: Service [SMTP] accepted connection from 127.0.0.1:54436
2016.05.01 14:53:01 LOG6[7908]: s_connect: connecting 173.194.204.109:465
2016.05.01 14:53:01 LOG5[7908]: s_connect: connected 173.194.204.109:465
2016.05.01 14:53:01 LOG5[7908]: Service [SMTP] connected remote server from 192.168.0.2:54437
2016.05.01 14:53:11 LOG3[7908]: Unexpected socket close (s_read)
2016.05.01 14:53:11 LOG5[7908]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket


Offline LeoNeeson

  • Tireless poster
  • ****
    • Posts: 859
  • Status: On hiatus       (sporadically here)
    • View Profile
    • twitter.com/LeoNeeson
Hi there! :) I monitor all the forum. Maybe you may say us more about your system, like: which Windows version are you using, firewall, etc.

bmartino1 may know more about this. I don't know, but you may be needing to configure stunnel to accept or let it pass-through the port 4650.
HFS in Spanish (HFS en Español) / How to compile HFS (Tutorial)
» Currently taking a break, until HFS v2.4 get his stable version.


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
https://www.stunnel.org/howto.html
https://www.stunnel.org/config_windows.html

this seem to be more of a stunnel config issue

I believe your erroring out because the port info in the config is not where it should be

4650, is the random tls port it tried to use (no 100% sure with out a log....)

review the config here and update as needed:
https://www.stunnel.org/config_windows.html

[SMTP]
protocol = smtp
client = yes
accept=5000
connect=smtp.gmail.com:465

should become:

[gmail-smtp]
client = yes
accept = 0.0.0.0:5000
connect = smtp.gmail.com:465

(0.0.0.0) mean any/all ips in the end you want it to become you static adapter interface IP ie 192.168.1.x
portocal is not needed, it breaks more things then it helps

Keep in mind that stunnel is just a nat software program device that adds tunnel creation and certificate authorization....

with out testing your cert adn other, i would recomend the full info form the website:
[gmail-smtp]
client = yes
accept = 127.0.0.1:25   <---ip:port porgarm sending to stunel for netwrok tunel escuaplation....
connect = smtp.gmail.com:465 <--- where trafice is nat to....
verify = 2    <2step verfy tunel creation unsure if need, taken in out for testing... (phase1 / phase2 tunnel creation....)
https://www.stunnel.org/pipermail/stunnel-users/2013-September/004337.html
CAfile = ca-certs.pem <--- your cert file for google authrization of who connected not needed as the porgram conected should be sending gooogle auth credentails as well....
checkHost = smtp.gmail.com <---dns check is it up
OCSPaia = yes <Unknown i requrire more research for this option....  unsure if need, taken it out for testing... (I belvie it to be a type of encryption for stunnel checks...) https://www.stunnel.org/pipermail/stunnel-users/2008-July/002068.html
« Last Edit: May 03, 2016, 05:57:37 PM by bmartino1 »
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing


Offline bembudo

  • Occasional poster
  • *
    • Posts: 3
    • View Profile
Hi ,

Thank you so much for your reply, Please see what I am running below

Windows 10 Pro
Netgear Genie  WNDR3400v2 

I tried following your instructions above and noticed the installvars.db is overwritten to the default port 4650 every time I click on Save Email Settings or even if I close out and go back in.  Should I be paying attention to this ? should  EMAIL-HOSTNAME=localhost:5000    ? I'm tempted to start all over again I just need to know if there's something I'm missing ?


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 911
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
Hi ,

Thank you so much for your reply, Please see what I am running below

Windows 10 Pro
Netgear Genie  WNDR3400v2 

I tried following your instructions above and noticed the installvars.db is overwritten to the default port 4650 every time I click on Save Email Settings or even if I close out and go back in.  Should I be paying attention to this ? should  EMAIL-HOSTNAME=localhost:5000    ? I'm tempted to start all over again I just need to know if there's something I'm missing ?

-----------------------
not a big fan of netgears net genie, i had problem with there genie interface as an ISP tech...


Had alot of things break due to the genie interface...

Always opted to the ddwrt/opensource alternative...
http://www.myopenrouter.com/download/dd-wrt-netgear-wndr3400v2-heartbleed-protection

http://www.dd-wrt.com/wiki/index.php/Supported_Devices#Netgear
WNDR3400   v2   PY311100156   Broadcom
BCM5358U @530   64   8   SOC &
Broadcom BCM43236   b/g/n 2x2:2
a/n 2x2:2   -   yes   yes   4 LAN
1 WAN   12V 1.5A   1 USB 2.0   TBD-no ddwrt

no ddwrt then open wrt:
https://wiki.openwrt.org/toh/netgear/wndr3400
---------------------

i don't know what yo mean or say by " installvars.db" that to me seems like a sql database file... I'm nsure what and or where this is comming from....

i would recommend pointing you here, when i posted info on stunnel, there some files to install before and a do over might help fix the issue.
There shouldn't be anything overwrite stunnel. (silent plz edition does this for HFS automatically, it overwrites to protect HFS and ssl config within the setup itself)

This might help you further:
http://www.rejetto.com/forum/hfs-~-http-file-server/stunnel-and-hfs-(securing-your-hfs)/

if it for gmail smtp only, you will only need this, the rest is if your using cert auth...:

[gmail-smtp]
client = yes
accept = 5000
connect = smtp.gmail.com:465

localhost is fine, almost all pc have localhost set to ip 127.0.0.1

-----------------------------
(windows registry can change the IP... along with other OS that have option to chage the IP...)
i don't recommend local host as it normal doesn't travel beyond you PC, if you want it to go further, it will need to be the interface IP
http://superuser.com/questions/377634/how-can-i-make-localhost-resolve-to-127-0-0-1-instead-of-1
https://support.microsoft.com/en-us/kb/158474
-----------------------------

if there is something overwriting to 4650, you will need to figure out why and where, otherwise the reset might not due anything...

I would still recommend you starting over and make the portable version first, then install them separately, to make sure you have the necessary files on you PC and things working properly.

also there been an update to openssl witch is what stunnel uses for  some of its encryptions:
Available updates include:
OpenSSL 1.0.2h  for 1.0.2 users
OpenSSL 1.0.1t  for 1.0.1 users
Files I have snagged and share can be found on my google drive:

https://drive.google.com/drive/folders/1qb4INX2pzsjmMT06YEIQk9Nv5jMu33tC?usp=sharing