HOWTO: Use SSL/port 465 in smarthost stunnel

Smarthost currently doesn’t permit to use port 465 with SSL to connect to a SMTP server:

Tested in Nethserver V6.8 with Aruba SMTP server
Maybe works in Nethserver V7 too

2017.06.21 EDIT: Yes, it works in v7 too

This is the solution:

Install stunnel:

yum install stunnel

Create a stunnel file configuration:

vi /etc/stunnel/stunnel.conf

With these lines

output=/var/log/stunnel

[smtp-tls-wrapper]
accept=127.0.0.1:11125
client=yes
connect=Your.ISP.SMTP.Server:465

Where Your.ISP.SMTP.Server is the SMTP server of your ISP

Create a file

vi /etc/rc.d/init.d/stunnel

With these lines

#!/bin/bash
#
# Init Script to run stunnel in daemon mode at boot time.
#
# Author: Riccardo Riva - RPM S.r.l.
# Revision 1.0  -  2010 November, 11
#
# Revision 1.1 - 2015 September, 21
#
# 
# Changed definition of SEXE variable to find automatically the path of stunnel
#

#====================================================================
# Run level information:
#
# chkconfig: 2345 99 99
# description: Secure Tunnel
# processname: stunnel
#
# Run "/sbin/chkconfig --add stunnel" to add the Run levels.
# This will setup the symlinks and set the process to run at boot.
#====================================================================

#====================================================================
# Paths and variables and system checks.

# Source function library
. /etc/rc.d/init.d/functions

# Check that networking is up.
#
[ ${NETWORKING} ="yes" ] || exit 0

# Path to the executable.
#
SEXE=`which stunnel`

# Path to the configuration file.
#
CONF=/etc/stunnel/stunnel.conf

# Check the configuration file exists.
#
if [ ! -f $CONF ]
then
	echo "The configuration file cannot be found!"
	exit 0
fi

# Path to the lock file.
#
LOCK_FILE=/var/lock/subsys/stunnel

#====================================================================

# Run controls:

prog=$"stunnel"

RETVAL=0

# Start stunnel as daemon.
#
start() {
	if [ -f $LOCK_FILE ]
	then
		echo "stunnel is already running!"
		exit 0
	else
		echo -n $"Starting $prog: "
		$SEXE $CONF
	fi

	RETVAL=$?
	[ $RETVAL -eq 0 ] && success
	echo
	[ $RETVAL -eq 0 ] && touch $LOCK_FILE
	return $RETVAL
}


# Stop stunnel.
#
stop() {
	if [ ! -f $LOCK_FILE ]
	then
		echo "stunnel is not running!"
		exit 0

	else

		echo -n $"Shutting down $prog: "
		killproc stunnel
		RETVAL=$?
		[ $RETVAL -eq 0 ]
		rm -f $LOCK_FILE
		echo
		return $RETVAL

	fi
}

# See how we were called.
case "$1" in
	start)
		start
		;;
	stop)
		stop
		;;
	restart)
		stop
		start
		;;
	condrestart)
		if [ -f $LOCK_FILE ]
		then
			stop
			start
			RETVAL=$?
		fi
		;;
	status)
		status stunnel
		RETVAL=$?
		;;
	*)
		echo $"Usage: $0 {start|stop|restart|condrestart|status}"
		RETVAL=1	
esac

exit $RETVAL

Then chmod it:

chown root:root /etc/rc.d/init.d/stunnel  
chmod 755 /etc/rc.d/init.d/stunnel

And make it starting at boot:

chkconfig stunnel on

Start the service:

service stunnel start

In dashboard -> Email -> tab “Messages” -> check "Send using a smarthost"
then:

  • Hostname: 127.0.0.1
  • Port: 11125
  • Username: put the username of Your ISP SMTP Server
  • Password: put the password of Your ISP SMTP Server
  • Allow unencrypted connections: checked

Then click to “Submit”

Et Voila’, all works!

If some parameters of your ISP SMTP server changed, remember to modify the /etc/stunnel/stunnel.conf file then restart stunnel with the command

service stunnel restart
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
HowTo: Send Email from an SMTP Server using the Command Line
Viewed 848 times since Mon, Feb 18, 2019
An easier way to manage disk decryption at boot with Red Hat Enterprise Linux 7.5 using NBDE
Viewed 4073 times since Mon, Aug 6, 2018
logrotate Log Rotate Configuration
Viewed 1579 times since Sun, Jan 12, 2020
linux manual tools
Viewed 1162 times since Fri, Sep 28, 2018
RHEL: Scan and configure new SAN (fibre channel) LUNs
Viewed 5577 times since Sun, May 27, 2018
Secure Remote Logging to Central Log Server Using RSYSLOG on CentOS 6 / CentOS 7 and stunnel
Viewed 1117 times since Sun, Dec 6, 2020
Need to set up yum repository for locally-mounted DVD on Red Hat Enterprise Linux 7
Viewed 1706 times since Mon, Oct 29, 2018
RHEL: Services basic management - systemd
Viewed 15988 times since Sat, Jun 2, 2018
Linux - How to monitor memory usage
Viewed 1294 times since Fri, Jun 8, 2018
RHEL: Allowing users to ’su’ to "root" / Allowing ’root’ to login directly to the system using ’ssh’
Viewed 1390 times since Sat, Jun 2, 2018