HOWTO: Use SSL/port 465 in smarthost stunnel

Smarthost currently doesn’t permit to use port 465 with SSL to connect to a SMTP server:

Tested in Nethserver V6.8 with Aruba SMTP server
Maybe works in Nethserver V7 too

2017.06.21 EDIT: Yes, it works in v7 too

This is the solution:

Install stunnel:

yum install stunnel

Create a stunnel file configuration:

vi /etc/stunnel/stunnel.conf

With these lines

output=/var/log/stunnel

[smtp-tls-wrapper]
accept=127.0.0.1:11125
client=yes
connect=Your.ISP.SMTP.Server:465

Where Your.ISP.SMTP.Server is the SMTP server of your ISP

Create a file

vi /etc/rc.d/init.d/stunnel

With these lines

#!/bin/bash
#
# Init Script to run stunnel in daemon mode at boot time.
#
# Author: Riccardo Riva - RPM S.r.l.
# Revision 1.0  -  2010 November, 11
#
# Revision 1.1 - 2015 September, 21
#
# 
# Changed definition of SEXE variable to find automatically the path of stunnel
#

#====================================================================
# Run level information:
#
# chkconfig: 2345 99 99
# description: Secure Tunnel
# processname: stunnel
#
# Run "/sbin/chkconfig --add stunnel" to add the Run levels.
# This will setup the symlinks and set the process to run at boot.
#====================================================================

#====================================================================
# Paths and variables and system checks.

# Source function library
. /etc/rc.d/init.d/functions

# Check that networking is up.
#
[ ${NETWORKING} ="yes" ] || exit 0

# Path to the executable.
#
SEXE=`which stunnel`

# Path to the configuration file.
#
CONF=/etc/stunnel/stunnel.conf

# Check the configuration file exists.
#
if [ ! -f $CONF ]
then
	echo "The configuration file cannot be found!"
	exit 0
fi

# Path to the lock file.
#
LOCK_FILE=/var/lock/subsys/stunnel

#====================================================================

# Run controls:

prog=$"stunnel"

RETVAL=0

# Start stunnel as daemon.
#
start() {
	if [ -f $LOCK_FILE ]
	then
		echo "stunnel is already running!"
		exit 0
	else
		echo -n $"Starting $prog: "
		$SEXE $CONF
	fi

	RETVAL=$?
	[ $RETVAL -eq 0 ] && success
	echo
	[ $RETVAL -eq 0 ] && touch $LOCK_FILE
	return $RETVAL
}


# Stop stunnel.
#
stop() {
	if [ ! -f $LOCK_FILE ]
	then
		echo "stunnel is not running!"
		exit 0

	else

		echo -n $"Shutting down $prog: "
		killproc stunnel
		RETVAL=$?
		[ $RETVAL -eq 0 ]
		rm -f $LOCK_FILE
		echo
		return $RETVAL

	fi
}

# See how we were called.
case "$1" in
	start)
		start
		;;
	stop)
		stop
		;;
	restart)
		stop
		start
		;;
	condrestart)
		if [ -f $LOCK_FILE ]
		then
			stop
			start
			RETVAL=$?
		fi
		;;
	status)
		status stunnel
		RETVAL=$?
		;;
	*)
		echo $"Usage: $0 {start|stop|restart|condrestart|status}"
		RETVAL=1	
esac

exit $RETVAL

Then chmod it:

chown root:root /etc/rc.d/init.d/stunnel  
chmod 755 /etc/rc.d/init.d/stunnel

And make it starting at boot:

chkconfig stunnel on

Start the service:

service stunnel start

In dashboard -> Email -> tab “Messages” -> check "Send using a smarthost"
then:

  • Hostname: 127.0.0.1
  • Port: 11125
  • Username: put the username of Your ISP SMTP Server
  • Password: put the password of Your ISP SMTP Server
  • Allow unencrypted connections: checked

Then click to “Submit”

Et Voila’, all works!

If some parameters of your ISP SMTP server changed, remember to modify the /etc/stunnel/stunnel.conf file then restart stunnel with the command

service stunnel restart
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
RHEL: iSCSI target/initiator configuration on RHEL7
Viewed 10912 times since Sat, Jun 2, 2018
Cron YUM How to use yum-cron to automatically update RHEL/CentOS Linux
Viewed 2368 times since Fri, Oct 26, 2018
CentOS / RHEL 7 : Configuring an NFS server and NFS client Linux NFS
Viewed 16287 times since Fri, Feb 21, 2020
RHEL: Route network packets to go out via the same interface they came in
Viewed 2948 times since Sat, Jun 2, 2018
OpenSSL – sprawdzanie czy klucz pasuje do certyfikatu
Viewed 2613 times since Thu, May 24, 2018
ZPOOL: Add a mirror to a concat zpool
Viewed 3688 times since Sun, Jun 3, 2018
RHEL: Reinstalling Boot Loader on the Master Boot Record (MBR)
Viewed 3225 times since Sun, May 27, 2018
RHEL: Multipathing basics
Viewed 8717 times since Sat, Jun 2, 2018
A tcpdump Tutorial and Primer with Examples
Viewed 5018 times since Sun, Jun 17, 2018
high swap space utilization in LINUX
Viewed 6469 times since Fri, Jul 13, 2018