Mailinglist Archive: opensuse (4626 mails)

< Previous Next >
Re: [opensuse] Postfix, stunnel, and MS Exchange
  • From: Andreas Winkelmann <ml@xxxxxxxxxxxxxx>
  • Date: Fri, 12 Jan 2007 02:54:49 +0100
  • Message-id: <>
On Friday 12 January 2007 00:54, Joe Morris (NTM) wrote:

> Got a problem I hope someone can answer. This is my situation. My home
> office (i.e. mail relay) uses MS Exchange. It seems it will only listen
> on port 25.

The Port is configurable. And you can add additional Ports of course.

> They are wanting all mail to be transport encrypted. They
> have setup stunnel to listen on port 465 and 2525 for their exchange
> server. It works with most email clients to select ssl encryption for
> the smtp server on port 465 (they also use auth). I tried but could not
> get the smtp client of postfix to work with that setup to relay mail
> through them here at home.

This SSL-Mode is not supported by Postfix. Postfix supports the Standard way
(Client-Side) where the Connection is established unencrypted and the
Encryption is switched on after that (STARTTLS). Most Clients will support
the SSL-Mode, so you will have luck with Clients.

> My ISP blocks all port 25 traffic to force
> all smtp traffic to go through them. At the office (I was testing first
> at home) we use a different ISP that does not block port 25. On port 25
> (with telnet) their exchange server responds, but there is nothing if
> telneted to port 465 pr 2525.

You cannot telnet to an already encrypted Port. If you want to test that, use
openssl as client.

$ openssl s_client -connect ...

man openssl
man s_client

> I got postfix's smtp client to work at
> work (it uses TLS on port 25), including auth. Here at home, I need to
> get it working as well (and at least Eudora also has a problem with
> their setup if port 25 is blocked by the ISP). Is there a way to get it
> working as is, or could I install and setup stunnel to get the postfix
> smtp client to work through stunnel on either port 2525 or 465? Is so,
> any pointers? TIA for any help or alternate ideas.

Hmm, the best way would be to configure your Exchange Box to listen on a
second Port with TLS enabled maybe 465 or 26 or whatever.

Another way of course would be to setup stunnel on your Home-Postfix-Box to
reconvert the encrypted Session in an unencrypted.

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups