HOWTO: Use SSL/port 465 in smarthost stunnel

Smarthost currently doesn’t permit to use port 465 with SSL to connect to a SMTP server:

Tested in Nethserver V6.8 with Aruba SMTP server
Maybe works in Nethserver V7 too

2017.06.21 EDIT: Yes, it works in v7 too

This is the solution:

Install stunnel:

yum install stunnel

Create a stunnel file configuration:

vi /etc/stunnel/stunnel.conf

With these lines

output=/var/log/stunnel

[smtp-tls-wrapper]
accept=127.0.0.1:11125
client=yes
connect=Your.ISP.SMTP.Server:465

Where Your.ISP.SMTP.Server is the SMTP server of your ISP

Create a file

vi /etc/rc.d/init.d/stunnel

With these lines

#!/bin/bash
#
# Init Script to run stunnel in daemon mode at boot time.
#
# Author: Riccardo Riva - RPM S.r.l.
# Revision 1.0  -  2010 November, 11
#
# Revision 1.1 - 2015 September, 21
#
# 
# Changed definition of SEXE variable to find automatically the path of stunnel
#

#====================================================================
# Run level information:
#
# chkconfig: 2345 99 99
# description: Secure Tunnel
# processname: stunnel
#
# Run "/sbin/chkconfig --add stunnel" to add the Run levels.
# This will setup the symlinks and set the process to run at boot.
#====================================================================

#====================================================================
# Paths and variables and system checks.

# Source function library
. /etc/rc.d/init.d/functions

# Check that networking is up.
#
[ ${NETWORKING} ="yes" ] || exit 0

# Path to the executable.
#
SEXE=`which stunnel`

# Path to the configuration file.
#
CONF=/etc/stunnel/stunnel.conf

# Check the configuration file exists.
#
if [ ! -f $CONF ]
then
	echo "The configuration file cannot be found!"
	exit 0
fi

# Path to the lock file.
#
LOCK_FILE=/var/lock/subsys/stunnel

#====================================================================

# Run controls:

prog=$"stunnel"

RETVAL=0

# Start stunnel as daemon.
#
start() {
	if [ -f $LOCK_FILE ]
	then
		echo "stunnel is already running!"
		exit 0
	else
		echo -n $"Starting $prog: "
		$SEXE $CONF
	fi

	RETVAL=$?
	[ $RETVAL -eq 0 ] && success
	echo
	[ $RETVAL -eq 0 ] && touch $LOCK_FILE
	return $RETVAL
}


# Stop stunnel.
#
stop() {
	if [ ! -f $LOCK_FILE ]
	then
		echo "stunnel is not running!"
		exit 0

	else

		echo -n $"Shutting down $prog: "
		killproc stunnel
		RETVAL=$?
		[ $RETVAL -eq 0 ]
		rm -f $LOCK_FILE
		echo
		return $RETVAL

	fi
}

# See how we were called.
case "$1" in
	start)
		start
		;;
	stop)
		stop
		;;
	restart)
		stop
		start
		;;
	condrestart)
		if [ -f $LOCK_FILE ]
		then
			stop
			start
			RETVAL=$?
		fi
		;;
	status)
		status stunnel
		RETVAL=$?
		;;
	*)
		echo $"Usage: $0 {start|stop|restart|condrestart|status}"
		RETVAL=1	
esac

exit $RETVAL

Then chmod it:

chown root:root /etc/rc.d/init.d/stunnel  
chmod 755 /etc/rc.d/init.d/stunnel

And make it starting at boot:

chkconfig stunnel on

Start the service:

service stunnel start

In dashboard -> Email -> tab “Messages” -> check "Send using a smarthost"
then:

  • Hostname: 127.0.0.1
  • Port: 11125
  • Username: put the username of Your ISP SMTP Server
  • Password: put the password of Your ISP SMTP Server
  • Allow unencrypted connections: checked

Then click to “Submit”

Et Voila’, all works!

If some parameters of your ISP SMTP server changed, remember to modify the /etc/stunnel/stunnel.conf file then restart stunnel with the command

service stunnel restart
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
RHEL7: Configure automatic updates.
Viewed 406 times since Wed, Oct 17, 2018
RHEL: Reinstalling Boot Loader on the Master Boot Record (MBR)
Viewed 1065 times since Sun, May 27, 2018
Linux: how to monitor the nofile limit
Viewed 605 times since Wed, Jul 25, 2018
SSH Essentials: Working with SSH Servers, Clients, and Keys
Viewed 1148 times since Wed, Jun 27, 2018
20 Linux YUM (Yellowdog Updater, Modified) Commands for Package Management YUM
Viewed 2239 times since Thu, Oct 25, 2018
Applescript: Run or Call a Shell Script
Viewed 579 times since Tue, Aug 6, 2019
Top 20 OpenSSH Server Best Security Practices ssh linux aix
Viewed 80 times since Fri, May 15, 2020
Kernel sysctl configuration file for Linux
Viewed 979 times since Fri, Aug 3, 2018
8 Vim Tips And Tricks That Will Make You A Pro User
Viewed 486 times since Fri, Apr 19, 2019
HowTo: Send Email from an SMTP Server using the Command Line
Viewed 420 times since Mon, Feb 18, 2019