Jump to content






Photo

STunnel - Ubuntu 16.04 - GMail SMTP

Posted by pete_c , in Email, Uncategorized, OmniPro II modifications 27 April 2017 · 715 views

You can install it on an RPi running Wheezy or Jessie.  This will work for HAI / Elk Email using GMail.
 
I installed it on Ubuntu 16.04 / 64 bit.
 
1 - sudo apt-get install stunnel4
 
2 - nano /etc/default/stunnel4
 
Change: ENABLED=0 to ENABLED=1
 
3 - Configuration
 
create a new stunned configuration file.
 
nano /etc/stunnel/stunnel.conf
 
copy and paste the following to the new file.
; **************************************************************************
; * Global options                                                         *
; **************************************************************************

; Debugging stuff (may be useful for troubleshooting)
; log = overwrite
; foreground = yes
debug = 7
output = /var/log/stunnel4/stunnel.log

; Certificate/key is needed in server mode and optional in client mode
cert = /etc/stunnel/mail.pem
; key  = /etc/stunnel/stunnel.pem

; Enable FIPS 140-2 mode if needed for compliance
fips = no
libwrap=no

; **************************************************************************
; * Service defaults may also be specified in individual service sections  *
; **************************************************************************

; Enable support for the insecure SSLv3 protocol
options = -NO_SSLv3

; These options provide additional security at some performance degradation
options = SINGLE_ECDH_USE
options = SINGLE_DH_USE

; **************************************************************************
; * Service definitions (remove all services for inetd mode)               *
; **************************************************************************

[gmail-smtp]
client = yes
accept = 5000
connect = smtp.gmail.com:465
verify = 2
CApath = /etc/ssl/certs
checkHost = smtp.gmail.com
OCSPaia = yes
 

4 - Generate a certificate
 
a - cd /etc/stunnel
b - sudo openssl req -new -out mail.pem -keyout mail.pem -nodes -x509 -days 365 *
* = press enter for all of the questions.  Certificate is good for 365 days
 
5 - Start stop or restart STunnel
 
sudo /etc/init.d/stunnel4 stop
sudo /etc/init.d/stunnel4 start
sudo /etc/init.d/stunnel4 restart
 
6 - Test it by looking at the stunnel log live
 
tail -f /var/log/stunnel4/stunnel.log
 
7 - Once tested and working change the stunnel.conf file logging options as so
 
; Debugging stuff (may be useful for troubleshooting)
; log = overwrite
; foreground = yes
debug = 5
output = /var/log/stunnel4/stunnel.log

 
debug = LEVEL
debugging level
Level is a one of the syslog level names or numbers emerg (0), alert (1), crit (2), err (3), warning (4), notice (5), info (6), or debug (7). All logs for the specified level and all levels numerically less than it will be shown. Use debug = debug or debug = 7 for greatest debugging output. The default is notice (5).
 




November 2017

S M T W T F S
   1234
567891011
121314151617 18
19202122232425
2627282930  

Recent Comments