![]() Notice: Using TLS 1 and 1.1 is usally a bad idea, since both protocols have security flaws, see for example Testssl.sh output of proxied port via stunnel Testing protocols via sockets HTTP2/ALPN (HTTP/2 is a HTTP protocol and thus not tested here) SPDY/NPN (SPDY is an HTTP protocol and thus not tested here) This version is default on debian 10 when you install via sudo apt install stunnel. ![]() Stunnel 5.30 on x86_64-pc-linux-gnu platform There is no need to configure anything special for SSL/TLS within stunnel. I'll add more info when further tests have been done regarding TLS versions.Ībove configuration is correct for proxying different TLS versions. Update: It works with above configuration when both entrys have protocol = smtp. Currently checks security because you're only allowed to send with valid credentials. ![]() What am I doing wrong? Is there another tool which fits better here? I know I could setup an own mailserver which accepts TLS 1.0 and 1.1 and uses as smarthost, but that would be too much, because then I have to care about security. Here is the stunnel config: setuid = stunnel4 However I get an immediate error or some kind of timeout and Thunderbird can't sent the E-Mail. I've tried to comment them out in one or both sections. Before configuring different TLS versions I only wanted to test if this "stunnel proxy" works in general. I have already a valid certificate for this server. Now I wanted to use stunnel to connect to SMTP server and and also listening for smtp access. However SMTP Server only supports TLS 1.2. I have a quite old software which doesn't support TLS 1.2.
0 Comments
Leave a Reply. |