cancel
Showing results for 
Search instead for 
Did you mean: 

Configuring BLAT with STUNNEL

new2nbu
Level 4

Hello- I'm new to configuring STUNNEL with BLAT and I'm hoping I can explain this ok but looking for some assistance.  The Netbackup catalog DR file/email can no longer be sent via email using SMTP over port 25 and they are enforcing TLS over port 587.

I have always used BLAT and I have since downloaded stunnel and went through these steps:

  1. Download and install stunnel-5.56-win64-installer.exe
  2. Created a backup of the stunnel.conf.orig.txt file
  3. Edited stunnel.conf text to the following:

            client = yes
             [ssmtp]
             accept = 25
             connect = mailxxx.xxx.corp:587

  1. Save/quit the file
  2. Start/Programs, right-click "service install" and click Run as Administrator
  3. Start/programs, right click "service start" and click Run as Administrator
  4. Edited nbmail.cmd (d\program files\veritas\netbackup\bin) to include blat xxxx -server localhost:25 
  5. Reconfigured blat using this command:  

          blat.exe -installSMTP localhost <sender_email_address> -q -port 25 -u <smtp account> -pw <password>

  1. Send a test email with this command: 

blat.exe -sender <server_email-address> -to myaccount@xx.com -subject "test from %computeraccount%" -body "test"

I receive the following email error:

***Error *** SMTP server error

Error: Not a socket.

Error:Not a socket

Thanks so much -- hopefully it's something easy and I'm just completely missing it!!

1 ACCEPTED SOLUTION

Accepted Solutions

sdo
Moderator
Moderator
Partner    VIP    Certified

Probably best to reach out to the stunnel people to help you debug their logs.

View solution in original post

12 REPLIES 12

sdo
Moderator
Moderator
Partner    VIP    Certified

I suspect that maybe all you need is a local Windows firewall rule to allow incoming traffic to stunnel on the localhost, and/or maybe your A/V is blocking incoming port 25 and/or maybe AV is also blocking outgoing port 587.

Can you telnet to localhost port 25 ?

Can you telnet to SMTP relay host port 587 ?

Thank so much for the reply.  Sorry, I should have included that.  Yes, I can telnet both on ports 25 and 587 to the mail server and the Windows Firewall is turned off.  I was running the test command with blat <blat.exe -server backup_reports@xx.com -to myemailaddress@..com -subject "test from %computeraccount% -body "test" I still receive this error:

Error:Connection to server was dropped.

***Error***SMTP Server error

Error:Not a socket

Error: Not a socket

In the stunnel viewer I do see "SSL_Connect:  ssl/record/ssl3_recored.c:331:  ssl3_get_record:wrong version number.. 

Thanks so much,

 

Krutons
Moderator
Moderator
   VIP   

I'd take a look at your configuration file again, seems like it might be incomplete. Compare your config file to the sample stunnel.conf.

ssl3_get_record:wrong version number
Id assume this pretty much means your system isn't using SSLv3.

Look over the options in your config file, maybe something to specify SSL like below.
options = NO_SSLv3

Ok will do!  Thank you.  I'll take a look and update the thread 

sdo
Moderator
Moderator
Partner    VIP    Certified

You need to be able to telnet port 25 on the localhost, i.e. the host executing the blat command and running the stunnel service (assuming from your config that they are indeed the same host) - i.e. the stunnel service is simply acting as a gateway / hop :

your blat sending on port 25 -> stunnel listenning on port 25, relay in code, stunnel sending on port 587 -> mailhost listenning on port 587

Thanks all to the replies...  unfortunately still running into an issue when running BLAT test command I receive this error:

seems like it's a BLAT configuration issue but I'm missing it I think..  any help appreciated and thanks in advance.

superDebug:  Attempting to connect to IP address 127.0.01, on port 25
Error: Connection to server was dropped
***Error *** SMTP Server error
Error: Not a socket.
Error: Not a socket.

Validated:  I can telnet to localhost on 25, can telnet to mailserver on port 587

Ran:  netstat -ano  and validated stunnel PID listening local address port 25

BLAT install command:  
blat.exe -installSMTP localhost <sender address> -q -port 25 -u <smtp account> -pw <password> 

STUNNEL Config file:  

debug=7
output = stunnel.log

sslVersionMax = TLSV1.2

sslVersion = all
options = NO_SSLv2
options = NO_SSLv3

[ssmtp]
client = yes
accept = 25
connect = <mailserver>:587
cert = stunnel.pem

Krutons
Moderator
Moderator
   VIP   

superDebug:  Attempting to connect to IP address 127.0.01, on port 25

If this is the error you received, that isn't an IP address, maybe you need to change where this IP address is mentioned to 127.0.0.1?

Sorry that was a typo:  

stunnel.exe is the PID that is listening on port 25.  So running a netstat command the output is:
TCP 0.0.0.0:25           LISTENING  3928 (PID) which is stunnel.exe

sdo
Moderator
Moderator
Partner    VIP    Certified

@Krutons is trying to tell you that maybe your blat config is wrong with an incorrect IP address of 127.0.01

Understood but in my original post - blat is configured with 'localhost' not an IPAddress and I also mentioned that it was a typo in the post.  Thanks.

sdo
Moderator
Moderator
Partner    VIP    Certified

Probably best to reach out to the stunnel people to help you debug their logs.

Thank you all for your help.