'Re: SSL POP3 wrapper using stunnel / outlook 2000'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       stunnel-users
Subject:    Re: SSL POP3 wrapper using stunnel / outlook 2000
From:       Scott Gasch <scott () mail ! medsp ! com>
Date:       1999-12-10 4:57:52
[Download RAW message or body]


Many thanks to Mike and Ermirza.  I did indeed try to sniff the
connection but the problem turned out to be even simpler -- for some
strange reason it seems you have to close outlook and restart it after
changing the pop account options to SSL or changing any SSL settings.

Appreciate the help.
Scott


On Fri, Dec 10, 1999 at 11:45:59AM +0800, ermirza erekose wrote:
] 
] I agree with Mike .. try use port 993 (the standard port number for simap)
] coz maybe Outlook is confused (like BGates0:).
] 
] 
] On Wed, 8 Dec 1999, Michal Trojnara wrote:
] 
] > Scott,
] > 
] > From stunnel point of view it looks, like stunnel accepted
] > TCP connection, but your client has closed the connection
] > before SSL hanshaking.  I guess you've set your Outlook
] > to use plain connection on port 995 instead of SSL connection.
] > 
] > Did you try to check the actual data transferred by your
] > Outlook with a sniffer or sth?
] > 
] > Regards,
] >     Mike
] > 
] > >>> Scott Gasch <scott@mail.medsp.com> 1999.12.08 06:16 >>>
] > 
] > Hi,
] > 
] > I am having a terrible time setting up stunnel as a POP3 wrapper on
] > FreeBSD-3.3 RELEASE and accessing it with Outlook 2000.
] > 
] > - I built stunnel with the port and installed it.  Verified
] >   hosts.allow settings and my /etc/services.
] > - Configured Outlook on the client to use SSL and contact the FreeBSD
] >   box as a pop server (it has a working server at 110 already --
] >   cucipop).
] > - Ran stunnel -d 995 -r 110 and stunnel -d 995 -l
] >   /usr/local/libexec/cucipop... and a bunch of other tries...
] > - Outlook is not happy.. it says "The TCP/IP connection was
] >   unexpectedly terminated by the server."
] > - Stunnel with debugging at 7 says:
] > 
] > # stunnel -f -D 7 -d 995 -l /usr/local/libexec/cucipop -p
] > /usr/local/certs/stunnel.pem
] > LOG7[5551:0]: Service name to be used: cucipop
] > LOG7[5551:0]: Generating 512 bit temporary RSA key...
] > LOG7[5551:0]: Temporary RSA key generated
] > LOG7[5551:0]: Diffie-Hellman initialized with 512 bit key
] > LOG7[5551:0]: Certificate: /usr/local/certs/stunnel.pem
] > LOG5[5551:0]: stunnel 3.4a on i386--freebsd3.3 FORK+LIBWRAP
] > LOG7[5551:0]: cucipop bound to 0.0.0.0:995
] > LOG7[5552:0]: cucipop started
] > LOG5[5552:0]: cucipop connected from 10.10.10.12:3453
] > LOG7[5552:0]: Local service connected
] > LOG7[5552:0]: before/accept initialization
] > LOG7[5552:0]: before/accept initialization
] > LOG3[5552:0]: SSL_accept: error:00000000::lib(0) :func(0) :reason(0)
] > LOG7[5551:0]: cucipop[5552] finished with code 0 (0 left)
] > LOG7[5553:0]: Child created
] > 
] > Here's the FAQ data:
] > # uname -a
] > FreeBSD www.medsp.com 3.3-RELEASE FreeBSD 3.3-RELEASE #0: Thu Sep 16
] > 23:40:35 GMT 1999
] > scott@www.medsp.com:/usr/src/sys/compile/MEDSP  i386
] > # gcc -v
] > gcc version 2.7.2.3
] > # openssl version
] > OpenSSL 0.9.4 09 Aug 1999
] > 
] > Appreciate any help!
] > Scott
] > ------------ Output from pgp ------------
] > Signature by unknown keyid: 0x74C732D1
] > Opening file "/dev/null" type text.
] > 
] 

-- 
------------------------------------------------------------------------------
Scott Gasch                                             scott@wannabe.guru.org
http://wannabe.guru.org                                     finger for PGP key

    ``All programmers are playwrights and all computers are lousy actors''

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic