Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


Thomas S.

sTunnel for modern email protocols in old email clients

Recommended Posts

I use Outlook 2010 as email client.

To get in contact with my email providers it is neccessary to have modern TLS protocols, TLS1.0 / SSL is no more supported.

And to solve this problem I use sTunnel (latest version for 32bit is 5.49).

The advantage of sTunnel is that the Windows certificate storage can be used, which greatly simplifies the configuration in this case.

So sTunnel only needs to be installed and activated as a service, as well as using this simple configuration (example of stunnel.conf):

debug = 4
engine = capi
options = NO_SSLv2
options = NO_SSLv3
options = NO_TLSv1

[gmx-pop3s]
client = yes
EngineID = capi
accept = localhost:xxxx
connect = pop.gmx.net:995

[gmx-smpts]
client = yes
EngineID = capi
accept = localhost:yyyy
connect = mail.gmx.net:465

In Outlook the local ports are set as default connection (server localhost and port POP xxxx / SMPT yyyy)

Thats all.

It works also for other email clients, so this may be a good advice for a configuration.

Edited by Thomas S.

Share this post


Link to post
Share on other sites

Would this possibly help with my extremely slow display of some e-mails using Eudora?
I already use @heinoganda's version of HTTPSProxy.
Is this any different?
:dubbio:

Edited by Dave-H
Ammendment

Share this post


Link to post
Share on other sites

I use sTunnel only for receiving (POP) and sending (SMPT) the emails with Outlook.

HTTPSProxy is not able to handle this protocols, and you need to address the email server TLS ports 995 / 465 (HTTPS is 443).

But for display purposes, especialy pictures embedded in emails and downloaded direct via HTTPS from many different hosting servers (in Outlook the MSWord and IE / system functions are used) HTTPSProxy is also needed.

So it depends of the way Eudora must establish a connection to your email provider (i don't know this).

 

 

Share this post


Link to post
Share on other sites

@Dave-H, keep in mind there are two things going on with a typical email client:

  1. Sending and receiving the emails themselves. This is done by connecting to your email service using protocols like SMTP (sending email), POP3 or IMAP (receiving).
  2. Displaying the received emails. Since many emails are HTML this is done much like a Web browser. For example, images are often fetched from a Web server via HTTP.

STunnel helps with #1 if your email client can't connect to your email service. Since most folks only have one email service, you just set up a non-secured connection to localhost. STunnel looks like a non-secured email service to your client, and like a secure email client to your service. (If you have more than one email service you can add connections on other ports, as long as your email client lets you specify the ports to connect to.)

But it sounds like your problem is related to #2. That's a harder problem because images and like content can come from pretty much anywhere on the Web. The best solution is probably ProxHTTPSProxyMII, which you have, but your email client needs to be configured to use it. I'm not sure how to do that with Eudora - some clients share the Internet connection settings with IE8, but other clients have their own setup. I'd bet someone around here knows how to configure Eudora though.

Share this post


Link to post
Share on other sites
On 12/8/2018 at 4:07 PM, Thomas S. said:

latest version for 32bit is 5.49

I think it is possible to build win32 32bit 5.50.

  • Like 1

Share this post


Link to post
Share on other sites
On 12/10/2018 at 3:53 AM, roytam1 said:

I think it is possible to build win32 32bit 5.50.

Yes, it is. But who will do this? And who tests and supports this version?

I ask Michał Trojnara - he is too busy...

  • Like 1

Share this post


Link to post
Share on other sites
On 12/10/2018 at 4:53 AM, roytam1 said:

I think it is possible to build win32 32bit 5.50.

More info here:

https://github.com/mtrojnar/stunnel/blob/master/INSTALL.W32

... and I found some kind of a Russian fork, stunnel-msspi, but of the v5.50 32-bit released binaries :

stunnel-5.50-msspi-0.135_windows-386.zip

only the CLI (stunnel-msspi-cli.exe) would run in my Vista laptop, whereas the GUI (stunnel-msspi.exe) probably requires Win7+ (the EXE makes API call to K32getModuleFileNameExA not to be located in Vista's kernel32.dll :realmad: ) ...

 

Share this post


Link to post
Share on other sites

@Thomas S. @Mathwiz

Thanks guys!
Eudora uses its own certificates to connect to e-mail servers for receiving and sending, there is no problem with this side of things.

It uses the certificate system in Windows to actually display messages though, when using the "Microsoft Viewer" option.
Before I had HTTPSProxy installed, many images in messages would not display, and I was getting constant certificate error messages.
Now it's much better, but messages from some sources take about 30 seconds to display, during which Eudora is completely frozen.
After that they display perfectly, which is very puzzling!
If I switch off the "Microsoft Viewer" option, so Eudora uses its internal viewer, they display instantly, but usually look awful!
:)

Share this post


Link to post
Share on other sites

That's interesting. I'm guessing the "Microsoft Viewer" option uses the IE8 rendering engine, which is pretty outdated; but probably not nearly as outdated as Eudora's internal HTML viewer!

Anyway, maybe the 30-second delays have less to do with security, certificates, and the like, than with the IE8 rendering engine just being slooow with modern HTML emails.

Share this post


Link to post
Share on other sites

Wasn't there a way to cause IE8 to use Chromium rendering engine? If so, wouldn't it perhaps work with Eudora? :unsure::unsure::dubbio:

Share this post


Link to post
Share on other sites
58 minutes ago, dencorso said:

Wasn't there a way to cause IE8 to use Chromium rendering engine? If so, wouldn't it perhaps work with Eudora? :unsure::unsure::dubbio:

Yes. That would be the Google Chrome Frame.

I hosted a copy of it myself due to the general lack of availability elsewhere
http://i430vx.strangled.net/files/XP/GoogleChromeframeStandaloneEnterprise.msi

Dunno if it works with Eudora, though.

  • Like 2

Share this post


Link to post
Share on other sites
On 12/13/2018 at 8:14 AM, VistaLover said:

More info here:

https://github.com/mtrojnar/stunnel/blob/master/INSTALL.W32

... and I found some kind of a Russian fork, stunnel-msspi, but of the v5.50 32-bit released binaries :

stunnel-5.50-msspi-0.135_windows-386.zip

only the CLI (stunnel-msspi-cli.exe) would run in my Vista laptop, whereas the GUI (stunnel-msspi.exe) probably requires Win7+ (the EXE makes API call to K32getModuleFileNameExA not to be located in Vista's kernel32.dll :realmad: ) ...

 

Actually the API exists in psapi.

K32 series is pretty much became a excuse for many devlopers to drop XP /Vista support.

  • Like 1

Share this post


Link to post
Share on other sites
On 12/13/2018 at 5:44 AM, VistaLover said:

.. and I found some kind of a Russian fork, stunnel-msspi, but of the v5.50 32-bit released binaries :

stunnel-5.50-msspi-0.135_windows-386.zip

only the CLI (stunnel-msspi-cli.exe) would run in my Vista laptop, whereas the GUI (stunnel-msspi.exe) probably requires Win7+

You can use the command:
EDITBIN.EXE /VERSION:5.1 /SUBSYSTEM:CONSOLE,5.01 stunnel-msspi-cli.exe
to achieve performance in WinXP. But it is still not clear what to do with stunnel.pem and how to get it. :(

PS. Stand-alone EDITBIN can be downloaded here.

Edited by -SnooPY-
Direct link added

Share this post


Link to post
Share on other sites

@i430VX @dencorso

Sorry I've taken a while following this up, but I just tried installing Google Chrome Frame.

I forced it to become the default rendering engine in IE8 with a registry hack, and was astounded how it transformed IE8 in that it would now correctly display web pages that looked a terrible mess with the default Trident engine!

Unfortunately, it didn't make any difference at all to Eudora's rendering of e-mails, the problem ones are still just as slow to display.
As I said earlier, when they eventually do display they display perfectly, with no elements missing, so that's not the problem, the problem is how long it takes them to appear!

Google Chrome Frame also stops Windows/Microsoft Update from displaying in IE8 of course, as you would expect!

@heinoganda, if you're across this thread, what I'm seeing always in the HTTPSProxy console every time there's a display delay, in this case with an e-mail from the Sky help forum, is this -

[19:22] 000 "EOF occurred in violation of protocol (_ssl.c:600)" while trying to establish local SSL tunnel for [helpforum.sky.com:443]
[19:22] 002 [D] "GET https://helpforum.sky.com/html/assets/email/community-logo.png" 200 9887
[19:22] 001 [D] "GET https://helpforum.sky.com/i/smilies/16x16_smiley-happy.gif" 200 414
[19:22] 003 [D] "OPTIONS https://helpforum.sky.com/ 0" 200 -
[19:22] 003 ProxHTTPSProxyMII FrontProxy/v1.5 [WinError 10053] An established connection was aborted by the software in your host machine

I don't know if this gives any clues!
:)

Edited by Dave-H
Typo

Share this post


Link to post
Share on other sites
20 minutes ago, Dave-H said:

[19:22] 000 "EOF occurred in violation of protocol (_ssl.c:600)" while trying to establish local SSL tunnel for [helpforum.sky.com:443]

Have you ever tried to insert the entry *helpforum.sky.com* in [SSL Pass-Thru] in the config.ini of HTTPSProxy?

:)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...