killervette
Active Member
So what is the status on sending email through SSL ports? can it be done? I cant get gmail to work. I then tried comcast which uses port 587 and I cant get it to work either? how are you guys sending emails?
Elk M1 send email through gmail or comcast?
- Thread starter killervette
- Start date
killervette
Active Member
tried stunnel...i cant seem to get elk to connect to it. i am using an internal ip 192.168.1.x for the connection. I have stunnel configurated as described on the net. Anything i should look for.
I am sending through Comcast without using SSL. The email capabilities of the Elk system are seriously lacking. Little has changed in 2 years. Hopefully the push of ISP's moving to SSL will convince ELk to make some changes if they aren't already working on it...Other than that the Elk is awesome!
I didn't think stunnel would work with email. I haven't tried it. But typically the initial connection is plaintext, and then SSL/TLS is negotiated after the client queries the SMTP server for its capabilities. Unless stunnel makes a special provision for SMTP, I doubt it will work.
I don't know what you're running stunnel on, but if it's a unix box of some sort, you can just configure postfix as a local relay. This is what I do.
I don't know what you're running stunnel on, but if it's a unix box of some sort, you can just configure postfix as a local relay. This is what I do.
wuench
Senior Member
It works fine. I use it with my Elk. SSL doesn't care what is carried through it. You have it backwards, SSL is negotiated first, then once a tunnel is established the protocol running over it is negotiated.
I would make sure you have a windows firewall entry for the port you setup in stunnel, that would be the first thing to check. Next you might want to check your antivirus, or any other security software to see if it is scanning your email. A lot of these products proxy your SMTP, so when you send mail from your PC you actually send to your antivirus and it forwards to you provider. Sitting in the middle it can scan your mail, and it could interfere. So disable any of those temporarily to rule them out.
As for troubleshooting after that, let's say you have port 5000 setup in stunnel to forward to gmail port 465
<ELK> ---> 5000 <PC> ---> 465 smtp.gmail.com
1.) Make sure stunnel is running and answering requests. Do a netstat -a and you should see an entry for the port you setup 5000 with a status of LISTENING.
2.) From the PC running stunnel, open a command prompt and telnet localhost 5000. You should get a flashing cursor or even better a response from the gmail server.
3.) From another PC telnet to port 5000 (telnet <address> 5000) and you should at least get a flashing cursor. If you get a "could not connect message..." then it is probably a firewall issue on the PC running stunnel.
3.) Next test the gmail connection with telnet. telnet smtp.gmail.com 465 from the PC running stunnel. If that's not working then something is blocking your PC getting out, could be your router, could be you can't resolve the DNS name smtp.gmail.com. Could be an issue in the internet or your service provider.
So run through those and tell us how far you get. If all those are working for you then it is most likely something with your Elk configuration.
wuench
Senior Member
Oh and here's another little tidbit for you all using stunnel. The only difference between the Elk's Secure Port (2601) and non-secure Port (2101) is that 2601 is running over SSL and requires you to login. I confirmed that with stunnel. If you setup stunnel to forward to the Elk 2601, you can telnet to your stunnel port and talk to the elk with the ASCII protocol.
So given that the M1XEP already has the SSL code onboard already, I concur that there is very little reason to not support SSL email natively.
So given that the M1XEP already has the SSL code onboard already, I concur that there is very little reason to not support SSL email natively.
briankelly63
Active Member
Another solution is set up your own free, local email server that has a lot of different uses...
pmail.com
http://pmail.com/m32_472.htm
Brian
pmail.com
http://pmail.com/m32_472.htm
Brian
AceCannon
Active Member
Wow I've got a lot to learn.
From stunnel.org:
I'm stuck way back at getting stunnel working on a PC on my LAN.
I will keep reading before I download a thing!
The only thing that seems very clear to me is that getting the XEP to send me emails/SMS via email would be much easier if it supported SSL directly.
From stunnel.org:
I'm stuck way back at getting stunnel working on a PC on my LAN.
I will keep reading before I download a thing!
The only thing that seems very clear to me is that getting the XEP to send me emails/SMS via email would be much easier if it supported SSL directly.
Spanky
Senior Member
The current email software in the M1XEP does not support SSL. There is now available a new operating system that is supposed to support SSL and Elk is looking into it. It takes a major rewrite of the M1XEP to implement the new operating system. Other considerations are a server based email forwarding that can handle SSL.
Since we can already implement this solution via our own servers, for security reasons I don't see value in Elk Products pursuing this solution. Being tied to a subscription service which provides concentrated targets for hackers and is subject to others' security policies is one factor that disqualified Control4 for me.
SSL is *not* negotiated first in the case of port 25 or 587.
wuench
Senior Member
I think we'll just have to agree to disagree. It's not pertinent to the O.P.'s issues with stunnel anyway.
I'm in the same boat as you. I don't know enough about all the network protocols to get this working either. I have stunnel installed and running (as far as I can tell), but that does seem to only be part of the equation. I'm going to try the tests Wunch suggested and see where that gets me.
But if anyone is away of a step by step "How To for Dummies" I'd love to see it. :huh: I would really like to get email notifications working with my EK.
