HELO handshake problem (?)
In a Windows 10 machine I'm using a tool (Netwrix Service Monitor) with a SMTP notification feature that doesn't support authentication, so I'm using Stunnel 5.72 as a local relay for SMTP2GO (smtp2go.com), with this configuration: [smtp2go] client = yes accept = 127.0.0.1:25 connect = mail.smtp2go.com:2525 protocol = smtp protocolAuthentication = plain protocolHost = cloud.mydomain.com protocolUsername = smtp2go@mydomain.com protocolPassword = P@ssw0rd debug = 7 I try both PLAIN and LOGIN as authentication mode, with this is error: LOGIN: " ... TLS connected: new session negotiated TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption) Peer temporary key: X25519, 253 bits Compression: null, expansion: null -> HELO cloud.mydomain.com <- 250 mail.smtp2go.com Hello cloud.mydomain.com [x.x.x.x] -> AUTH LOGIN <- 503 AUTH command used when not advertised Remote server does not support LOGIN authentication ... " PLAIN: " ... TLS connected: new session negotiated TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption) Peer temporary key: X25519, 253 bits Compression: null, expansion: null -> HELO cloud.mydomain.com <- 250 mail.smtp2go.com Hello cloud.mydomain.com [x.x.x.x] -> AUTH PLAIN ******************************************** <- 503 AUTH command used when not advertised PLAIN Authentication Failed Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket Deallocating application specific data for session connect address ... " Can anyone help me solve this problem? Thanks!
On Sat, Apr 06, 2024 at 06:35:35AM -0000, Ducale Ducale wrote:
In a Windows 10 machine I'm using a tool (Netwrix Service Monitor) with a SMTP notification feature that doesn't support authentication, so I'm using Stunnel 5.72 as a local relay for SMTP2GO (smtp2go.com), with this configuration: [snip]
I try both PLAIN and LOGIN as authentication mode, with this is error:
LOGIN: " ... TLS connected: new session negotiated TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption) Peer temporary key: X25519, 253 bits Compression: null, expansion: null -> HELO cloud.mydomain.com <- 250 mail.smtp2go.com Hello cloud.mydomain.com [x.x.x.x] -> AUTH LOGIN <- 503 AUTH command used when not advertised Remote server does not support LOGIN authentication ... "
PLAIN: [snip]
Can anyone help me solve this problem? Thanks!
Hi, So it seems that the SMTP server is being pedantic, and it seems to require a client to ask for extended SMTP features before actually using them. I think the attached patch should fix the problem; it at least gets me a bit further with mail.smtp2go.com - it gets me to the "let's verify the credentials you sent" phase. G'luck, Peter -- Peter Pentchev roam@ringlet.net roam@debian.org pp@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
On 4/9/24 01:31, Peter Pentchev wrote:
So it seems that the SMTP server is being pedantic, and it seems to require a client to ask for extended SMTP features before actually using them.
Merged. See stunnel-5.73b1 on https://www.stunnel.org/downloads.html. Thank you, Peter. Best regards, Mike
participants (3)
-
Ducale Ducale -
Michał Trojnara -
Peter Pentchev