HOWTO: Use SSL/port 465 in smarthost stunnel
Smarthost currently doesn’t permit to use port 465 with SSL to connect to a SMTP server:
Tested in Nethserver V6.8 with Aruba SMTP server
Maybe works in Nethserver V7 too
2017.06.21 EDIT: Yes, it works in v7 too
This is the solution:
Install stunnel:
yum install stunnel
Create a stunnel file configuration:
vi /etc/stunnel/stunnel.conf
With these lines
output=/var/log/stunnel
[smtp-tls-wrapper]
accept=127.0.0.1:11125
client=yes
connect=Your.ISP.SMTP.Server:465
Where Your.ISP.SMTP.Server is the SMTP server of your ISP
Create a file
vi /etc/rc.d/init.d/stunnel
With these lines
#!/bin/bash
#
# Init Script to run stunnel in daemon mode at boot time.
#
# Author: Riccardo Riva - RPM S.r.l.
# Revision 1.0 - 2010 November, 11
#
# Revision 1.1 - 2015 September, 21
#
#
# Changed definition of SEXE variable to find automatically the path of stunnel
#
#====================================================================
# Run level information:
#
# chkconfig: 2345 99 99
# description: Secure Tunnel
# processname: stunnel
#
# Run "/sbin/chkconfig --add stunnel" to add the Run levels.
# This will setup the symlinks and set the process to run at boot.
#====================================================================
#====================================================================
# Paths and variables and system checks.
# Source function library
. /etc/rc.d/init.d/functions
# Check that networking is up.
#
[ ${NETWORKING} ="yes" ] || exit 0
# Path to the executable.
#
SEXE=`which stunnel`
# Path to the configuration file.
#
CONF=/etc/stunnel/stunnel.conf
# Check the configuration file exists.
#
if [ ! -f $CONF ]
then
echo "The configuration file cannot be found!"
exit 0
fi
# Path to the lock file.
#
LOCK_FILE=/var/lock/subsys/stunnel
#====================================================================
# Run controls:
prog=$"stunnel"
RETVAL=0
# Start stunnel as daemon.
#
start() {
if [ -f $LOCK_FILE ]
then
echo "stunnel is already running!"
exit 0
else
echo -n $"Starting $prog: "
$SEXE $CONF
fi
RETVAL=$?
[ $RETVAL -eq 0 ] && success
echo
[ $RETVAL -eq 0 ] && touch $LOCK_FILE
return $RETVAL
}
# Stop stunnel.
#
stop() {
if [ ! -f $LOCK_FILE ]
then
echo "stunnel is not running!"
exit 0
else
echo -n $"Shutting down $prog: "
killproc stunnel
RETVAL=$?
[ $RETVAL -eq 0 ]
rm -f $LOCK_FILE
echo
return $RETVAL
fi
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
condrestart)
if [ -f $LOCK_FILE ]
then
stop
start
RETVAL=$?
fi
;;
status)
status stunnel
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
RETVAL=1
esac
exit $RETVAL
Then chmod it:
chown root:root /etc/rc.d/init.d/stunnel
chmod 755 /etc/rc.d/init.d/stunnel
And make it starting at boot:
chkconfig stunnel on
Start the service:
service stunnel start
In dashboard -> Email -> tab “Messages” -> check "Send using a smarthost"
then:
- Hostname: 127.0.0.1
- Port: 11125
- Username: put the username of Your ISP SMTP Server
- Password: put the password of Your ISP SMTP Server
- Allow unencrypted connections: checked
Then click to “Submit”
Et Voila’, all works!
If some parameters of your ISP SMTP server changed, remember to modify the /etc/stunnel/stunnel.conf file then restart stunnel with the command
service stunnel restart
Subscribe to Article
Print Article
Email Article to Friend
Export to PDF
Export to MS Word