Hello, We needed to reconfigure Stunnel for the SAP Business Objects server that sent email reports from G Suite over to a configuration that sends from an O365 account.
The problem is that some of the reports work fine after the reconfiguration, while others always fail and I can't find out why and nothing has changed other than the mail settings. Microsoft doesn't even see the failed reports hitting their servers but when I look at Stunnel it seems like the TLS connection is being established correctly and I can see the connection being established from our firewall logs. I've attached the current O365 config as well as the old GSuite conifg, as well as logs of the debug output I see when I run a report that succeeds versus a report that fails. Can anyone give me an idea as to why Stunnel seems to be working to send out some reports but not others? Thank you, David Schmidt | Administrateur TI / IT Administrator | MTYGroup.com<http://mtygroup.com/> T+1 514-336-8885 Ext 8236 | C+1 514-708-7299 | 8210, route Transcanadienne, St. Laurent, QC, H4S 1M5 [http://mtygroup.com/signature/gif/use_this_left.gif]<http://mtygroup.com> [http://mtygroup.com/signature/gif/use_this_right.gif] <http://mtygroup.com> AVERTISSEMENT CONCERNANT LA CONFIDENTIALIT? / WARNING CONCERNING CONFIDENTIALITY Ce message peut contenir des informations confidentielles, privil?gi?es, et seulement pour ses destinataires. Si vous avez re?u ce message par erreur, veuillez en informer imm?diatement l'exp?diteur par retour de courriel et supprimer cette communication de votre syst?me. This email message may contain information that is confidential, privileged, and for communication only to its intended recipient or recipients. If you have received this message in error, please immediately notify the sender and delete the original message without making a copy.
OldGSuitestunnel.conf
Description: OldGSuitestunnel.conf
CurrentO365stunnel.conf
Description: CurrentO365stunnel.conf
2019.05.10 09:15:54 LOG7[main]: Found 1 ready file descriptor(s) 2019.05.10 09:15:54 LOG7[main]: FD=172 ifds=r-x ofds=--- 2019.05.10 09:15:54 LOG7[main]: Service [o365-smtp] accepted (FD=788) from 127.0.0.1:58065 2019.05.10 09:15:54 LOG7[main]: Creating a new thread 2019.05.10 09:15:54 LOG7[main]: New thread created 2019.05.10 09:15:54 LOG7[594]: Service [o365-smtp] started 2019.05.10 09:15:54 LOG7[594]: Setting local socket options (FD=788) 2019.05.10 09:15:54 LOG7[594]: Option TCP_NODELAY set on local socket 2019.05.10 09:15:54 LOG5[594]: Service [o365-smtp] accepted connection from 127.0.0.1:58065 2019.05.10 09:15:54 LOG6[594]: failover: priority, starting at entry #0 2019.05.10 09:15:54 LOG6[594]: s_connect: connecting 52.96.12.178:587 2019.05.10 09:15:54 LOG7[594]: s_connect: s_poll_wait 52.96.12.178:587: waiting 10 seconds 2019.05.10 09:15:54 LOG5[594]: s_connect: connected 52.96.12.178:587 2019.05.10 09:15:54 LOG5[594]: Service [o365-smtp] connected remote server from 10.1.30.7:58066 2019.05.10 09:15:54 LOG7[594]: Setting remote socket options (FD=756) 2019.05.10 09:15:54 LOG7[594]: Option TCP_NODELAY set on remote socket 2019.05.10 09:15:54 LOG7[594]: Remote descriptor (FD=756) initialized 2019.05.10 09:15:54 LOG7[594]: <- 220 DM6PR06CA0068.outlook.office365.com Microsoft ESMTP MAIL Service ready at Fri, 10 May 2019 13:15:54 +0000 2019.05.10 09:15:54 LOG7[594]: -> 220 DM6PR06CA0068.outlook.office365.com Microsoft ESMTP MAIL Service ready at Fri, 10 May 2019 13:15:54 +0000 2019.05.10 09:15:54 LOG7[594]: -> EHLO localhost 2019.05.10 09:15:54 LOG7[594]: <- 250-DM6PR06CA0068.outlook.office365.com Hello [72.142.112.2] 2019.05.10 09:15:54 LOG7[594]: <- 250-SIZE 157286400 2019.05.10 09:15:54 LOG7[594]: <- 250-PIPELINING 2019.05.10 09:15:54 LOG7[594]: <- 250-DSN 2019.05.10 09:15:54 LOG7[594]: <- 250-ENHANCEDSTATUSCODES 2019.05.10 09:15:54 LOG7[594]: <- 250-STARTTLS 2019.05.10 09:15:54 LOG7[594]: <- 250-8BITMIME 2019.05.10 09:15:54 LOG7[594]: <- 250-BINARYMIME 2019.05.10 09:15:54 LOG7[594]: <- 250-CHUNKING 2019.05.10 09:15:54 LOG7[594]: <- 250 SMTPUTF8 2019.05.10 09:15:54 LOG7[594]: -> STARTTLS 2019.05.10 09:15:54 LOG7[594]: <- 220 2.0.0 SMTP server ready 2019.05.10 09:15:54 LOG6[594]: SNI: sending servername: smtp.office365.com 2019.05.10 09:15:54 LOG6[594]: Peer certificate required 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): before SSL initialization 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS write client hello 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS write client hello 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS read server hello 2019.05.10 09:15:54 LOG7[594]: Verification started at depth=2: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA 2019.05.10 09:15:54 LOG7[594]: CERT: Pre-verification succeeded 2019.05.10 09:15:54 LOG6[594]: Certificate accepted at depth=2: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA 2019.05.10 09:15:54 LOG7[594]: Verification started at depth=1: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1 2019.05.10 09:15:54 LOG7[594]: CERT: Pre-verification succeeded 2019.05.10 09:15:54 LOG6[594]: Certificate accepted at depth=1: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1 2019.05.10 09:15:54 LOG7[594]: Verification started at depth=0: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=outlook.com 2019.05.10 09:15:54 LOG7[594]: CERT: Pre-verification succeeded 2019.05.10 09:15:54 LOG6[594]: CERT: No subject checks configured 2019.05.10 09:15:54 LOG5[594]: Certificate accepted at depth=0: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=outlook.com 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS read server certificate 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS read server key exchange 2019.05.10 09:15:54 LOG6[594]: Empty client CA list 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS read server certificate request 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS read server done 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS write client certificate 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS write client key exchange 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS write change cipher spec 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS write finished 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS write finished 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS read change cipher spec 2019.05.10 09:15:54 LOG7[594]: TLS state (connect): SSLv3/TLS read finished 2019.05.10 09:15:54 LOG7[594]: New session callback 2019.05.10 09:15:54 LOG7[594]: Deallocating application specific data for session connect address 2019.05.10 09:15:54 LOG6[594]: Session id: 633B0000C7E759B893932B4D35B49B37E6F08B0653E91222171A3CFC4ABE2549 2019.05.10 09:15:54 LOG7[594]: 595 client connect(s) requested 2019.05.10 09:15:54 LOG7[594]: 595 client connect(s) succeeded 2019.05.10 09:15:54 LOG7[594]: 0 client renegotiation(s) requested 2019.05.10 09:15:54 LOG7[594]: 8 session reuse(s) 2019.05.10 09:15:54 LOG6[594]: TLS connected: new session negotiated 2019.05.10 09:15:54 LOG6[594]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption) 2019.05.10 09:15:54 LOG7[594]: Compression: null, expansion: null 2019.05.10 09:15:58 LOG6[594]: Read socket closed (readsocket) 2019.05.10 09:15:58 LOG7[594]: Sending close_notify alert 2019.05.10 09:15:58 LOG7[594]: TLS alert (write): warning: close notify 2019.05.10 09:15:58 LOG6[594]: SSL_shutdown successfully sent close_notify alert 2019.05.10 09:15:58 LOG6[594]: TLS socket closed (SSL_read) 2019.05.10 09:15:58 LOG7[594]: Sent socket write shutdown 2019.05.10 09:15:58 LOG5[594]: Connection closed: 560758 byte(s) sent to TLS, 935 byte(s) sent to socket 2019.05.10 09:15:58 LOG7[594]: Remote descriptor (FD=756) closed 2019.05.10 09:15:58 LOG7[594]: Local descriptor (FD=788) closed 2019.05.10 09:15:58 LOG7[594]: Service [o365-smtp] finished (0 left)
2019.05.10 09:19:44 LOG7[main]: Found 1 ready file descriptor(s) 2019.05.10 09:19:44 LOG7[main]: FD=172 ifds=r-x ofds=--- 2019.05.10 09:19:44 LOG7[main]: Service [o365-smtp] accepted (FD=612) from 127.0.0.1:59232 2019.05.10 09:19:44 LOG7[main]: Creating a new thread 2019.05.10 09:19:44 LOG7[main]: New thread created 2019.05.10 09:19:44 LOG7[596]: Service [o365-smtp] started 2019.05.10 09:19:44 LOG7[596]: Setting local socket options (FD=612) 2019.05.10 09:19:44 LOG7[596]: Option TCP_NODELAY set on local socket 2019.05.10 09:19:44 LOG5[596]: Service [o365-smtp] accepted connection from 127.0.0.1:59232 2019.05.10 09:19:44 LOG6[596]: failover: priority, starting at entry #0 2019.05.10 09:19:44 LOG6[596]: s_connect: connecting 52.96.12.178:587 2019.05.10 09:19:44 LOG7[596]: s_connect: s_poll_wait 52.96.12.178:587: waiting 10 seconds 2019.05.10 09:19:44 LOG5[596]: s_connect: connected 52.96.12.178:587 2019.05.10 09:19:44 LOG5[596]: Service [o365-smtp] connected remote server from 10.1.30.7:59233 2019.05.10 09:19:44 LOG7[596]: Setting remote socket options (FD=756) 2019.05.10 09:19:44 LOG7[596]: Option TCP_NODELAY set on remote socket 2019.05.10 09:19:44 LOG7[596]: Remote descriptor (FD=756) initialized 2019.05.10 09:19:44 LOG7[596]: <- 220 DM6PR06CA0059.outlook.office365.com Microsoft ESMTP MAIL Service ready at Fri, 10 May 2019 13:19:43 +0000 2019.05.10 09:19:44 LOG7[596]: -> 220 DM6PR06CA0059.outlook.office365.com Microsoft ESMTP MAIL Service ready at Fri, 10 May 2019 13:19:43 +0000 2019.05.10 09:19:44 LOG7[596]: -> EHLO localhost 2019.05.10 09:19:44 LOG7[596]: <- 250-DM6PR06CA0059.outlook.office365.com Hello [72.142.112.2] 2019.05.10 09:19:44 LOG7[596]: <- 250-SIZE 157286400 2019.05.10 09:19:44 LOG7[596]: <- 250-PIPELINING 2019.05.10 09:19:44 LOG7[596]: <- 250-DSN 2019.05.10 09:19:44 LOG7[596]: <- 250-ENHANCEDSTATUSCODES 2019.05.10 09:19:44 LOG7[596]: <- 250-STARTTLS 2019.05.10 09:19:44 LOG7[596]: <- 250-8BITMIME 2019.05.10 09:19:44 LOG7[596]: <- 250-BINARYMIME 2019.05.10 09:19:44 LOG7[596]: <- 250-CHUNKING 2019.05.10 09:19:44 LOG7[596]: <- 250 SMTPUTF8 2019.05.10 09:19:44 LOG7[596]: -> STARTTLS 2019.05.10 09:19:44 LOG7[596]: <- 220 2.0.0 SMTP server ready 2019.05.10 09:19:44 LOG6[596]: SNI: sending servername: smtp.office365.com 2019.05.10 09:19:44 LOG6[596]: Peer certificate required 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): before SSL initialization 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS write client hello 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS write client hello 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS read server hello 2019.05.10 09:19:44 LOG7[596]: Verification started at depth=2: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA 2019.05.10 09:19:44 LOG7[596]: CERT: Pre-verification succeeded 2019.05.10 09:19:44 LOG6[596]: Certificate accepted at depth=2: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA 2019.05.10 09:19:44 LOG7[596]: Verification started at depth=1: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1 2019.05.10 09:19:44 LOG7[596]: CERT: Pre-verification succeeded 2019.05.10 09:19:44 LOG6[596]: Certificate accepted at depth=1: C=US, O=DigiCert Inc, CN=DigiCert Cloud Services CA-1 2019.05.10 09:19:44 LOG7[596]: Verification started at depth=0: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=outlook.com 2019.05.10 09:19:44 LOG7[596]: CERT: Pre-verification succeeded 2019.05.10 09:19:44 LOG6[596]: CERT: No subject checks configured 2019.05.10 09:19:44 LOG5[596]: Certificate accepted at depth=0: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=outlook.com 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS read server certificate 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS read server key exchange 2019.05.10 09:19:44 LOG6[596]: Empty client CA list 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS read server certificate request 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS read server done 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS write client certificate 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS write client key exchange 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS write change cipher spec 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS write finished 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS write finished 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS read change cipher spec 2019.05.10 09:19:44 LOG7[596]: TLS state (connect): SSLv3/TLS read finished 2019.05.10 09:19:44 LOG7[596]: New session callback 2019.05.10 09:19:44 LOG7[596]: Deallocating application specific data for session connect address 2019.05.10 09:19:44 LOG6[596]: Session id: 37170000E6A6ADA442553324864348EB3A7D389B5EA2C13F585D24724FCCC7C9 2019.05.10 09:19:44 LOG7[596]: 597 client connect(s) requested 2019.05.10 09:19:44 LOG7[596]: 597 client connect(s) succeeded 2019.05.10 09:19:44 LOG7[596]: 0 client renegotiation(s) requested 2019.05.10 09:19:44 LOG7[596]: 8 session reuse(s) 2019.05.10 09:19:44 LOG6[596]: TLS connected: new session negotiated 2019.05.10 09:19:44 LOG6[596]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption) 2019.05.10 09:19:44 LOG7[596]: Compression: null, expansion: null 2019.05.10 09:19:46 LOG6[596]: Read socket closed (readsocket) 2019.05.10 09:19:46 LOG7[596]: Sending close_notify alert 2019.05.10 09:19:46 LOG7[596]: TLS alert (write): warning: close notify 2019.05.10 09:19:46 LOG6[596]: SSL_shutdown successfully sent close_notify alert 2019.05.10 09:19:46 LOG6[596]: TLS socket closed (SSL_read) 2019.05.10 09:19:46 LOG7[596]: Sent socket write shutdown 2019.05.10 09:19:46 LOG5[596]: Connection closed: 201454 byte(s) sent to TLS, 1775 byte(s) sent to socket 2019.05.10 09:19:46 LOG7[596]: Remote descriptor (FD=756) closed 2019.05.10 09:19:46 LOG7[596]: Local descriptor (FD=612) closed 2019.05.10 09:19:46 LOG7[596]: Service [o365-smtp] finished (0 left)
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
