# Can't get stunnel 4.x to work

## pschulte

Hello,

I use stunnel to connect with getmail to a POP3s-server. My former setup with stunnel 3.24 was like this:

```
/usr/sbin/stunnel -c -s $USER -d 127.0.0.1:110 -r $MAILSERVER:995
```

stunnel set up the tunnel from 127.0.0.1:110 to my mailserver and I let getmail connect to 127.0.0.1:110. This setup works perfectly.

Now I installed stunnel 4.02 and can't get it to work. My stunnel.conf looks basically like this:

```
client = yes

foreground = no

accept  = 127.0.0.1:110

connect = $MAILSERVER:995

```

If I start stunnel with this config then stunnel doesn't bind itself to 127.0.0.1:110 but instead I am directly connected to my mailserver

```
 * Starting stunnel...

+OK <1928.1060774024@$MAILSERVER>

```

How can I have the same setup as before with 4.02?

Thanks,

Phil

----------

## gour

 *pschulte wrote:*   

> Now I installed stunnel 4.02 and can't get it to work. 
> 
> If I start stunnel with this config then stunnel doesn't bind itself to 127.0.0.1:110 but instead I am directly connected to my mailserver
> 
> ```
> ...

 

Hi Phil!

I have the same problem   :Sad: 

The only difference is that I want to connect to localhost:8110.

Have you maybe resolved the issue?

I have stunnel 4.0.4r2.

Sincerely,

Gour

----------

## pschulte

Hi,

no unfortunaly the problem still exists. I got tired of trying and use stunnel 3.x now.

----------

## -Anders

I'm not sure if desproxy does what you are looking for, but it works fine for my purposes (irc).

Give it a try once.

----------

## gour

 *pschulte wrote:*   

> Hi,
> 
> no unfortunaly the problem still exists. I got tired of trying and use stunnel 3.x now.

 

Hi

As you have suggested, I downgraded stunnel to 3.26. However, it looks I'm still not free of problems   :Crying or Very sad: 

I'm running stunnel with:

```
/usr/sbin/stunnel -c -o /home/gour/.getmail/stunnel.log -P none -D 7 -d 8110 -r 69.72.128.66:995
```

The log file produces following entry: *Quote:*   

> 2003.12.04 11:23:11 LOG5[17674:16384]: Using '69.72.128.66.995' as tcpwrapper service name
> 
> 2003.12.04 11:23:11 LOG7[17674:16384]: RAND_status claims sufficient entropy for
> 
>  the PRNG
> ...

 

After I launch stunnel I check the port 8110:

```
bash-2.05b# netstat -a | grep 8110

tcp        0      0 *:8110                  *:*                     LISTEN
```

Then, after launching getmail:

```
bash-2.05b# netstat -a | grep 8110

tcp        0      0 *:8110                  *:*                     LISTEN

tcp        0      1 gaura.nitai.hr:33087    gaura.nitai.hr:8110     SYN_SENT

```

SYN_SENT shows up. and getmail produces:

```
getmail started for gour@atmarama.org@gaura.nitai.hr:8110
```

and just waits until Ctrl-C.

getmail's rc (atmaramarc) has the following entry:

 *Quote:*   

> [69.72.128.66:995]
> 
> server = gaura.nitai.hr
> 
> port = 8110
> ...

 

Some more entries:

```
bash-2.05b# cat hostname

gaura

bash-2.05b# cat hosts.allow

leafnode: 127.0.0.1

ALL: LOCAL
```

hosts entries:

```
127.0.0.1       localhost       gaura

127.0.0.2       gaura.nitai.hr
```

Do you have any idea what to check/try...  :Question: 

I'm on dialup (ISDN) and all I want is to have secure access (SSL) to my web-hosted mail server with getmail  :Confused: 

Sincerely,

Gour

----------

## gour

Just to inform you that after changing the server line into:

```
server = localhost
```

it start working   :Idea: 

I'm sure I already had this entry, but didn't work   :Question: 

Anyway, stop ranting. Such things are expected when working with machines  :Cool: 

Thank you for suggestion to downgrade stunnel since it brought me to working setup   :Very Happy: 

Sincerely,

Gour

----------

## pschulte

 *Quote:*   

> 
> 
> I'm running stunnel with:
> 
> ```
> ...

 

That doesn't look correct. stunnel takes the IP-address as the service name...

 *Quote:*   

> 
> 
> I'm on dialup (ISDN) and all I want is to have secure access (SSL) to my web-hosted mail server with getmail 
> 
> 

 

OK, here is my setup. Hopefully it works for you.

I am running stunnel 3.24. I setup the tunnel in /etc/conf.d/local.start

```

/usr/sbin/stunnel -c -s $USERNAME -d 127.0.0.1:110 -r $MAILSERVER:995

```

I recommend setting 127.0.0.1 instead of 0.0.0.0 so stunnel won't accept any connections from external interfaces.

Then netstat tells me:

```

Proto Recv-Q Send-Q Local Address           Foreign Address         State

tcp        0      0 127.0.0.1:110           0.0.0.0:*               LISTEN

```

In getmailrc I have:

```

server = 127.0.0.1

port = 110

```

This just works. I can telnet to 127.0.0.1:110 and be connected to my mailserver immediately.

Hope this helps. Regards,

Phil

----------

