Highlighted

Configuring BLAT with STUNNEL

Hello- I'm new to configuring STUNNEL with BLAT and I'm hoping I can explain this ok but looking for some assistance.  The Netbackup catalog DR file/email can no longer be sent via email using SMTP over port 25 and they are enforcing TLS over port 587.

I have always used BLAT and I have since downloaded stunnel and went through these steps:

  1. Download and install stunnel-5.56-win64-installer.exe
  2. Created a backup of the stunnel.conf.orig.txt file
  3. Edited stunnel.conf text to the following:

            client = yes
             [ssmtp]
             accept = 25
             connect = mailxxx.xxx.corp:587

  1. Save/quit the file
  2. Start/Programs, right-click "service install" and click Run as Administrator
  3. Start/programs, right click "service start" and click Run as Administrator
  4. Edited nbmail.cmd (d\program files\veritas\netbackup\bin) to include blat xxxx -server localhost:25 
  5. Reconfigured blat using this command:  

          blat.exe -installSMTP localhost <sender_email_address> -q -port 25 -u <smtp account> -pw <password>

  1. Send a test email with this command: 

blat.exe -sender <server_email-address> -to myaccount@xx.com -subject "test from %computeraccount%" -body "test"

I receive the following email error:

***Error *** SMTP server error

Error: Not a socket.

Error:Not a socket

Thanks so much -- hopefully it's something easy and I'm just completely missing it!!

1 Solution

Accepted Solutions
Accepted Solution!

Re: Configuring BLAT with STUNNEL

Probably best to reach out to the stunnel people to help you debug their logs.

View solution in original post

12 Replies
Highlighted

Re: Configuring BLAT with STUNNEL

I suspect that maybe all you need is a local Windows firewall rule to allow incoming traffic to stunnel on the localhost, and/or maybe your A/V is blocking incoming port 25 and/or maybe AV is also blocking outgoing port 587.

Can you telnet to localhost port 25 ?

Can you telnet to SMTP relay host port 587 ?

Highlighted

Re: Configuring BLAT with STUNNEL

Thank so much for the reply.  Sorry, I should have included that.  Yes, I can telnet both on ports 25 and 587 to the mail server and the Windows Firewall is turned off.  I was running the test command with blat <blat.exe -server backup_reports@xx.com -to myemailaddress@..com -subject "test from %computeraccount% -body "test" I still receive this error:

Error:Connection to server was dropped.

***Error***SMTP Server error

Error:Not a socket

Error: Not a socket

In the stunnel viewer I do see "SSL_Connect:  ssl/record/ssl3_recored.c:331:  ssl3_get_record:wrong version number.. 

Thanks so much,

 

Highlighted

Re: Configuring BLAT with STUNNEL

I'd take a look at your configuration file again, seems like it might be incomplete. Compare your config file to the sample stunnel.conf.

ssl3_get_record:wrong version number
Id assume this pretty much means your system isn't using SSLv3.

Look over the options in your config file, maybe something to specify SSL like below.
options = NO_SSLv3

Highlighted

Re: Configuring BLAT with STUNNEL

Ok will do!  Thank you.  I'll take a look and update the thread 

Highlighted

Re: Configuring BLAT with STUNNEL

You need to be able to telnet port 25 on the localhost, i.e. the host executing the blat command and running the stunnel service (assuming from your config that they are indeed the same host) - i.e. the stunnel service is simply acting as a gateway / hop :

your blat sending on port 25 -> stunnel listenning on port 25, relay in code, stunnel sending on port 587 -> mailhost listenning on port 587

Highlighted

Re: Configuring BLAT with STUNNEL

Thanks all to the replies...  unfortunately still running into an issue when running BLAT test command I receive this error:

seems like it's a BLAT configuration issue but I'm missing it I think..  any help appreciated and thanks in advance.

superDebug:  Attempting to connect to IP address 127.0.01, on port 25
Error: Connection to server was dropped
***Error *** SMTP Server error
Error: Not a socket.
Error: Not a socket.

Validated:  I can telnet to localhost on 25, can telnet to mailserver on port 587

Ran:  netstat -ano  and validated stunnel PID listening local address port 25

BLAT install command:  
blat.exe -installSMTP localhost <sender address> -q -port 25 -u <smtp account> -pw <password> 

STUNNEL Config file:  

debug=7
output = stunnel.log

sslVersionMax = TLSV1.2

sslVersion = all
options = NO_SSLv2
options = NO_SSLv3

[ssmtp]
client = yes
accept = 25
connect = <mailserver>:587
cert = stunnel.pem

Highlighted

Re: Configuring BLAT with STUNNEL

superDebug:  Attempting to connect to IP address 127.0.01, on port 25

If this is the error you received, that isn't an IP address, maybe you need to change where this IP address is mentioned to 127.0.0.1?

Highlighted

Re: Configuring BLAT with STUNNEL

Sorry that was a typo:  

stunnel.exe is the PID that is listening on port 25.  So running a netstat command the output is:
TCP 0.0.0.0:25           LISTENING  3928 (PID) which is stunnel.exe

Highlighted

Re: Configuring BLAT with STUNNEL

@Krutons is trying to tell you that maybe your blat config is wrong with an incorrect IP address of 127.0.01

Highlighted

Re: Configuring BLAT with STUNNEL

Understood but in my original post - blat is configured with 'localhost' not an IPAddress and I also mentioned that it was a typo in the post.  Thanks.

Accepted Solution!

Re: Configuring BLAT with STUNNEL

Probably best to reach out to the stunnel people to help you debug their logs.

View solution in original post

Highlighted

Re: Configuring BLAT with STUNNEL

Thank you all for your help.