1. Using Stunnel as an SSL Email Proxy
This document will explain the procedures for installing and configuring Stunnel, a third-party SSL tunneling client to be used if your SMTP server requires SSL. Stunnel is required for WIN-911 V7, because it does not natively support SSL. An example Stunnel configuration in this article that will using 365's SMTP server.
Office 365 is used as an example, but please be aware that your email server may enforce sending limits on your account. Currently the limit is 1,500 emails in a day. If your WIN-911 configuration contains a large number of Email Contacts and/or Alarms, you will need to find an alternative to Office 365.
A. Download and Installing Stunnel
Download the latest version of Stunnel.
As of the date of this article, stunnel-5.50-win64-installer.exe, is the latest version available.
During the installation process you will come across a command prompt window asking for various organization information. This information is used to create an SSL certificate for Stunnel. If you skip this process Stunnel will not function properly.
B. Configure Stunnel
You can use Stunnel to configure any SSL enabled server and this demonstration will use Office 365.
To configure Stunnel use the text-based configuration file titled stunnel.conf. You can find the file in the directory Stunnel is installed to or from selecting Start > All Programs > stunnel > Edit stunnel.conf.
Once you’ve opened the stunnel.conf file in Notepad you’ll be presented with their default configuration. You don’t need this configuration so you will need to remove it. Therefore, highlight all the text and delete it. Now have a blank text file, copy only the bold text posted below and paste it into the configuration file. Save the configuration and now you can start the Stunnel runtime. If Stunnel was running, then you’ll need to open the Stunnel GUI and select Configuration > Reload stunnel.conf from the menu bar.
client = yes
accept = 127.0.0.1:25 ((465 for SMTP/SSL or you can try 25 for SMTP))
connect = smtp.office365.com:587
The accept property is used to specify the host that will accept the connection, and the connect property is used to specify the remote host. If you’re using a connection other than Office 365, you will only have to change the SMTP connect server and port.
First, you’ll need to install Stunnel as a service by going to Start > All Programs > stunnel > Service install. A successful dialog should appear. You can now find Stunnel in your Windows Services list. Set the service to start automatically. We suggest rebooting your system and triggering an alarm after you have WIN-911 and Stunnel working to ensure it is functioning properly
C. Configure an SMTP Relay
To send email through Microsoft 365 using third-party email clients, including WIN-911, you must have an SMTP Relay configured. This must be configured on your email server side. For more information, follow the guide on how to set up the SMTP Relay.
For more information, please watch the instructional video.
D. Configure WIN-911
Use the following screenshots to configure WIN-911 to use Stunnel.
E. SMTP Settings
F. Authentication Settings
G.Testing E-mail Functionality
Open your Configurator, then Tools, then Diagnostic Logging. Enable the email diagnostic logging. In order to perform a Manual Message to test an email, you must be running the WIN911 as an application, running the TeleDAC/Scan&Alarm. You will need to stop the WIN-911 Service Wrapper in Windows Services in order to do this. Restart WIN-911 and test your settings by sending a Manual Message. If the settings are not correct you may see a number of different WSAE socket error codes. A list and explanation of what they mean can be found using Microsoft Documents.
You may also run into Authentication errors due to incorrect credentials or a failed to Relay error due to an incorrect SMTP relay setup.
Additional support information available at Stunnel.org