Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > demon.ip.support.turnpike > #18562 > unrolled thread

Problem sending e-mail via Zen

Started byGraeme <News@nospam.demon.co.uk>
First post2026-04-08 15:07 +0100
Last post2026-04-09 10:54 +0100
Articles 20 on this page of 24 — 4 participants

Back to article view | Back to demon.ip.support.turnpike


Contents

  Problem sending e-mail via Zen Graeme <News@nospam.demon.co.uk> - 2026-04-08 15:07 +0100
    Re: Problem sending e-mail via Zen Graeme <News@nospam.demon.co.uk> - 2026-04-08 15:14 +0100
    Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-08 16:47 +0100
      Re: Problem sending e-mail via Zen Graeme <News@nospam.demon.co.uk> - 2026-04-08 18:17 +0100
        Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-08 18:37 +0100
          Re: Problem sending e-mail via Zen "J. P. Gilliver" <G6JPG@255soft.uk> - 2026-04-08 22:31 +0100
            Re: Problem sending e-mail via Zen Graeme <News@nospam.demon.co.uk> - 2026-04-09 10:13 +0100
              Re: Problem sending e-mail via Zen Graeme <News@nospam.demon.co.uk> - 2026-04-09 10:57 +0100
                Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-09 17:02 +0100
                Re: Problem sending e-mail via Zen brian <nospam@b-howie.co.uk> - 2026-04-10 19:45 +0100
                  Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-10 20:36 +0100
                    Re: Problem sending e-mail via Zen Graeme <News@nospam.demon.co.uk> - 2026-04-11 09:59 +0100
                      Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-11 10:44 +0100
                        Re: Problem sending e-mail via Zen Graeme <News@nospam.demon.co.uk> - 2026-04-11 11:20 +0100
                          Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-11 19:24 +0100
                  Re: Problem sending e-mail via Zen brian <nospam@b-howie.co.uk> - 2026-04-13 09:48 +0100
                    Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-13 10:38 +0100
                      Re: Problem sending e-mail via Zen brian <nospam@b-howie.co.uk> - 2026-04-13 12:41 +0100
                        Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-13 16:54 +0100
              Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-09 11:04 +0100
                Re: Problem sending e-mail via Zen "J. P. Gilliver" <G6JPG@255soft.uk> - 2026-04-09 17:50 +0100
      Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-08 18:28 +0100
      Re: Problem sending e-mail via Zen Graeme <News@nospam.demon.co.uk> - 2026-04-09 09:45 +0100
        Re: Problem sending e-mail via Zen John Hall <john@jhall.co.uk> - 2026-04-09 10:54 +0100

Page 1 of 2  [1] 2  Next page →


#18562 — Problem sending e-mail via Zen

FromGraeme <News@nospam.demon.co.uk>
Date2026-04-08 15:07 +0100
SubjectProblem sending e-mail via Zen
Message-ID<$NPTA0ATEm1pFwRc@binnsroad.myzen.co.uk>
My outgoing e-mail has suddenly stopped working, although outgoing is 
OK.

Logging shows :

Wed, 8 Apr 2026 15:03:34 SMTP command rejected while talking to 
mailhost.zen.co.uk: DATA 530-5.7.0 Authentication required. For more 
information see the guide at 530 5.7.0 
https://www.zen.co.uk/help-support/initalsetupemail

Long story short, Zen say I need Encryption Type STARTTLS (if available) 
or TLS/SSL.

Does anyone know what that means or, more to the point, how to configure 
TP appropriately?

Thank you!

-- 
Graeme

[toc] | [next] | [standalone]


#18563

FromGraeme <News@nospam.demon.co.uk>
Date2026-04-08 15:14 +0100
Message-ID<rdAW0fBuKm1pFwSY@binnsroad.myzen.co.uk>
In reply to#18562
In message <$NPTA0ATEm1pFwRc@binnsroad.myzen.co.uk>, Graeme 
<News@nospam.demon.co.uk> writes
>
>My outgoing e-mail has suddenly stopped working, although outgoing is 
>OK.

Sorry!

That should read :

My outgoing e-mail has suddenly stopped working, although INCOMING is 
OK.
-- 
Graeme

[toc] | [prev] | [next] | [standalone]


#18564

FromJohn Hall <john@jhall.co.uk>
Date2026-04-08 16:47 +0100
Message-ID<n3nbkkFpi71U1@mid.individual.net>
In reply to#18562
On 08/04/2026 15:07, Graeme wrote:
> 
> My outgoing e-mail has suddenly stopped working, although outgoing is OK.
> 
> Logging shows :
> 
> Wed, 8 Apr 2026 15:03:34 SMTP command rejected while talking to 
> mailhost.zen.co.uk: DATA 530-5.7.0 Authentication required. For more 
> information see the guide at 530 5.7.0 https://www.zen.co.uk/help- 
> support/initalsetupemail
> 
> Long story short, Zen say I need Encryption Type STARTTLS (if available) 
> or TLS/SSL.
> 
> Does anyone know what that means or, more to the point, how to configure 
> TP appropriately?
> 
> Thank you!
> 

It means that you are going to have to use Stunnel as an intermediary 
between Turnpike and the mail server, as TP doesn't include built-in 
support for TLS or SSL. In recent years, the official Stunnel site has 
only provided a 64-bit version of Stunnel. but you can download a 32-bit 
version from here:

https://github.com/josealf/stunnel-win32

The most up-to-date version seems to be 5.77.

As I no longer use TP myself - having gone over to a 64-bit PC, I'm 
afraid I can no longer remember enough to provide much help with how to 
configure Stunnel and TP to work together, but hopefully someone can 
step in to assist. Failing that, although Googlegroups is no longer 
operating, its archived posts are still searchable on the web.
-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


#18565

FromGraeme <News@nospam.demon.co.uk>
Date2026-04-08 18:17 +0100
Message-ID<lTs13UCe2o1pFwy3@binnsroad.myzen.co.uk>
In reply to#18564
In message <n3nbkkFpi71U1@mid.individual.net>, John Hall 
<john@jhall.co.uk> writes
>On 08/04/2026 15:07, Graeme wrote:
>>  My outgoing e-mail has suddenly stopped working, although outgoing 
>>is OK.

>It means that you are going to have to use Stunnel as an intermediary 
>between Turnpike and the mail server, as TP doesn't include built-in 
>support for TLS or SSL.

Thanks John.  I do have Stunnel on this machine, and this is the 
configuration file :

debug = 5
output = stunnel.log
[zen POP3]
client = yes
accept = 127.0.0.1:3110
connect = mailhost.zen.co.uk:995
[zen SMTP]
protocol = smtp
client = yes
accept = 127.0.0.1:25
connect = mailhost.zen.co.uk:587
TIMEOUTconnect = 60

Unfortunately, I have no idea where those entries came from or what they 
mean, or what they should read. Stunnel is not working, or helping, at 
present.

Anyone?

-- 
Graeme

[toc] | [prev] | [next] | [standalone]


#18567

FromJohn Hall <john@jhall.co.uk>
Date2026-04-08 18:37 +0100
Message-ID<n3ni1vFqi6cU1@mid.individual.net>
In reply to#18565
On 08/04/2026 18:17, Graeme wrote:
> In message <n3nbkkFpi71U1@mid.individual.net>, John Hall 
> <john@jhall.co.uk> writes
>> On 08/04/2026 15:07, Graeme wrote:
>>>  My outgoing e-mail has suddenly stopped working, although outgoing 
>>> is OK.
> 
>> It means that you are going to have to use Stunnel as an intermediary 
>> between Turnpike and the mail server, as TP doesn't include built-in 
>> support for TLS or SSL.
> 
> Thanks John.  I do have Stunnel on this machine, and this is the 
> configuration file :
> 
> debug = 5
> output = stunnel.log
> [zen POP3]
> client = yes
> accept = 127.0.0.1:3110
> connect = mailhost.zen.co.uk:995
> [zen SMTP]
> protocol = smtp
> client = yes
> accept = 127.0.0.1:25
> connect = mailhost.zen.co.uk:587
> TIMEOUTconnect = 60
> 
> Unfortunately, I have no idea where those entries came from or what they 
> mean, or what they should read. Stunnel is not working, or helping, at 
> present.
> 
> Anyone?
> 

I don't think you should need the protocol line. You could also try 
updating to the latest version of Stunnel. And check that you are 
linking to Stunnel from TP's configuration settings for SMTP as detailed 
in the post I've just made before this.

You could also look at the stunnel.log file to ensure that Stunnel is 
actually being invoked and, assuming it is, to see what error is being 
thrown up. You could also turn on TP's own debugging and wee what that 
shows.
-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


#18568

From"J. P. Gilliver" <G6JPG@255soft.uk>
Date2026-04-08 22:31 +0100
Message-ID<10r6hep$3skgu$1@dont-email.me>
In reply to#18567
On 2026/4/8 18:37:3, John Hall wrote:
> On 08/04/2026 18:17, Graeme wrote:
>> In message <n3nbkkFpi71U1@mid.individual.net>, John Hall 
>> <john@jhall.co.uk> writes
>>> On 08/04/2026 15:07, Graeme wrote:
>>>>  My outgoing e-mail has suddenly stopped working, although outgoing 
>>>> is OK.

Sounds like Zen have joined the multitude of providers who suddenly
decided to require TLS/SSL. The previous that I know of is plusnet, who
claimed their outsourcing to Greenly would be seamless, obviously being
unaware that Greenly expected it, or perhaps being unaware that their
own servers didn't. (Even for those using compatible software such as
Thunderbird, the transition has been far from seamless: Greenly's
systems are a lot more flaky - although it's settled down a lot, I still
get occasional "unable to connect" popups from Thunderbird, which I had
never seen before the outsourcing.)
>>
>>> It means that you are going to have to use Stunnel as an intermediary 
>>> between Turnpike and the mail server, as TP doesn't include built-in 
>>> support for TLS or SSL.
>>
>> Thanks John.  I do have Stunnel on this machine, and this is the 
>> configuration file :
[]
>> Unfortunately, I have no idea where those entries came from or what they 
>> mean, or what they should read. Stunnel is not working, or helping, at 
>> present.
>>
>> Anyone?
>>
> 
> I don't think you should need the protocol line. You could also try 
> updating to the latest version of Stunnel. And check that you are 
> linking to Stunnel from TP's configuration settings for SMTP as detailed 
> in the post I've just made before this.

I suspect that's the real thing: you've got Stunnel, but your TP is
still connecting directly to Zen's servers, rather than to Stunnel.
> 
> You could also look at the stunnel.log file to ensure that Stunnel is 
> actually being invoked and, assuming it is, to see what error is being 
> thrown up. You could also turn on TP's own debugging and wee what that 
> shows.
-- 
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

Radio 4 is one of the reasons being British is good. It's not a subset
of Britain - it's almost as if Britain is a subset of Radio 4.
- Stephen Fry, in Radio Times, 7-13 June, 2003.

[toc] | [prev] | [next] | [standalone]


#18572

FromGraeme <News@nospam.demon.co.uk>
Date2026-04-09 10:13 +0100
Message-ID<4s0C4iH8221pFwSI@binnsroad.myzen.co.uk>
In reply to#18568
In message <10r6hep$3skgu$1@dont-email.me>, J. P. Gilliver 
<G6JPG@255soft.uk> writes
>
>I suspect that's the real thing: you've got Stunnel, but your TP is
>still connecting directly to Zen's servers, rather than to Stunnel.

Progress, I think.  Updated Stunnel's config file as suggested by John, 
and changed the mail gateway to 127.0.0.1, and, under POP3 Mail 
Collection, changed Port from POP3 to 25.  Is that correct?

Mail now sends, but throws up a TP error :

Delivery Status Notification

535 Incorrect authentication data

-- 
Graeme

[toc] | [prev] | [next] | [standalone]


#18574

FromGraeme <News@nospam.demon.co.uk>
Date2026-04-09 10:57 +0100
Message-ID<Ue6pUJIHg31pFwEa@binnsroad.myzen.co.uk>
In reply to#18572
In message <4s0C4iH8221pFwSI@binnsroad.myzen.co.uk>, Graeme 
<News@nospam.demon.co.uk> writes
>In message <10r6hep$3skgu$1@dont-email.me>, J. P. Gilliver 
><G6JPG@255soft.uk> writes
>>
>>I suspect that's the real thing: you've got Stunnel, but your TP is
>>still connecting directly to Zen's servers, rather than to Stunnel.
>
>Progress, I think.  Updated Stunnel's config file as suggested by John, 
>and changed the mail gateway to 127.0.0.1, and, under POP3 Mail 
>Collection, changed Port from POP3 to 25.  Is that correct?
>
>Mail now sends, but throws up a TP error :
>
>Delivery Status Notification
>
>535 Incorrect authentication data
>
Changed Port (above) back to POP3.

So, "you will need to replace mailhost.zen.co.uk with 127.0.0.1 and also 
ensure that the associated port is set to 25."

How, or where, do I ensure the associated port is set to 25?

-- 
Graeme

[toc] | [prev] | [next] | [standalone]


#18576

FromJohn Hall <john@jhall.co.uk>
Date2026-04-09 17:02 +0100
Message-ID<n3q0t2F7t8uU1@mid.individual.net>
In reply to#18574
On 09/04/2026 10:57, Graeme wrote:
> In message <4s0C4iH8221pFwSI@binnsroad.myzen.co.uk>, Graeme 
> <News@nospam.demon.co.uk> writes
>> In message <10r6hep$3skgu$1@dont-email.me>, J. P. Gilliver 
>> <G6JPG@255soft.uk> writes
>>>
>>> I suspect that's the real thing: you've got Stunnel, but your TP is
>>> still connecting directly to Zen's servers, rather than to Stunnel.
>>
>> Progress, I think.  Updated Stunnel's config file as suggested by 
>> John, and changed the mail gateway to 127.0.0.1, and, under POP3 Mail 
>> Collection, changed Port from POP3 to 25.  Is that correct?
>>
>> Mail now sends, but throws up a TP error :
>>
>> Delivery Status Notification
>>
>> 535 Incorrect authentication data
>>
> Changed Port (above) back to POP3.
> 
> So, "you will need to replace mailhost.zen.co.uk with 127.0.0.1 and also 
> ensure that the associated port is set to 25."
> 
> How, or where, do I ensure the associated port is set to 25?
> 

Hidden away in an old backup on my network-attached disk drive I have 
just managed to find a copy of the PDF version of the TP manual, so by 
referring to that I can hopefully offer more help. In the "Sending email 
(by SMTP" section, for Mail gateway you want 127.0.0.1 Then click on 
Password, and ensure the "Logon using" box is ticked, and ensure that 
the user name and password as required by Zen's email server has been 
supplied. If you've changed anything then click on OK. There doesn't 
seem to be anything in that section to set the port, but I think that TP 
uses 25 by default for SMTP outbound mail.

-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


#18588

Frombrian <nospam@b-howie.co.uk>
Date2026-04-10 19:45 +0100
Message-ID<leZc9EFBVU2pFwLY@b-howie.co.uk>
In reply to#18574
In message <Ue6pUJIHg31pFwEa@binnsroad.myzen.co.uk>, Graeme 
<News@nospam.demon.co.uk> writes
>In message <4s0C4iH8221pFwSI@binnsroad.myzen.co.uk>, Graeme 
><News@nospam.demon.co.uk> writes
>>In message <10r6hep$3skgu$1@dont-email.me>, J. P. Gilliver 
>><G6JPG@255soft.uk> writes
>>>
>>>I suspect that's the real thing: you've got Stunnel, but your TP is
>>>still connecting directly to Zen's servers, rather than to Stunnel.
>>
>>Progress, I think.  Updated Stunnel's config file as suggested by 
>>John, and changed the mail gateway to 127.0.0.1, and, under POP3 Mail 
>>Collection, changed Port from POP3 to 25.  Is that correct?
>>
>>Mail now sends, but throws up a TP error :
>>
>>Delivery Status Notification
>>
>>535 Incorrect authentication data
>>
>Changed Port (above) back to POP3.
>
>So, "you will need to replace mailhost.zen.co.uk with 127.0.0.1 and 
>also ensure that the associated port is set to 25."
>
>How, or where, do I ensure the associated port is set to 25?
>

It's hard coded as 25. I tried to run gmail as smtp sending, but TP 
won't allow 2 ports as far as I can see.

Brian (still using Turnpike)
-- 
Brian Howie

[toc] | [prev] | [next] | [standalone]


#18590

FromJohn Hall <john@jhall.co.uk>
Date2026-04-10 20:36 +0100
Message-ID<n3t1pdFmed0U1@mid.individual.net>
In reply to#18588
On 10/04/2026 19:45, brian wrote:
> In message <Ue6pUJIHg31pFwEa@binnsroad.myzen.co.uk>, Graeme 
> <News@nospam.demon.co.uk> writes
>> In message <4s0C4iH8221pFwSI@binnsroad.myzen.co.uk>, Graeme 
>> <News@nospam.demon.co.uk> writes
>>> In message <10r6hep$3skgu$1@dont-email.me>, J. P. Gilliver 
>>> <G6JPG@255soft.uk> writes
>>>>
>>>> I suspect that's the real thing: you've got Stunnel, but your TP is
>>>> still connecting directly to Zen's servers, rather than to Stunnel.
>>>
>>> Progress, I think.  Updated Stunnel's config file as suggested by 
>>> John, and changed the mail gateway to 127.0.0.1, and, under POP3 Mail 
>>> Collection, changed Port from POP3 to 25.  Is that correct?
>>>
>>> Mail now sends, but throws up a TP error :
>>>
>>> Delivery Status Notification
>>>
>>> 535 Incorrect authentication data
>>>
>> Changed Port (above) back to POP3.
>>
>> So, "you will need to replace mailhost.zen.co.uk with 127.0.0.1 and 
>> also ensure that the associated port is set to 25."
>>
>> How, or where, do I ensure the associated port is set to 25?
>>
> 
> It's hard coded as 25.

Then that's fine. All that matters is that it corresponds to the port 
number that you've specified at the Stunnel end of the TP/Stunnel 
connection.

  I tried to run gmail as smtp sending, but TP
> won't allow 2 ports as far as I can see.
> 
> Brian (still using Turnpike)

Yes, you can only have a single specified destination at any one time 
for sending SMTP email to, as otherwise TP wouldn't know which one you 
wanted to use for any particular outbound message.
-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


#18593

FromGraeme <News@nospam.demon.co.uk>
Date2026-04-11 09:59 +0100
Message-ID<Ua9plcFW1g2pFwMi@binnsroad.myzen.co.uk>
In reply to#18590
Still trying to send mail, without success.

Stunnel config File:

[smtp]
protocol = smtp
client = yes
accept = 127.0.0.1:25
connect = mailhost.zen.co.uk:587
verifyChain = yes
CAfile = ca-certs.pem
checkHost = mailhost.zen.co.uk
OCSPaia = yes

TP Log Window :

Sat, 11 Apr 2026 09:56:29 SMTP[C5] Starting to send mail to [127.0.0.1]
Sat, 11 Apr 2026 09:56:29 SMTP[C5] <- 220 
smarthost01a.ixn.mail.zen.net.uk ESMTP Exim 4.97 Ubuntu Sat, 11 Apr 2026 
08:56:29 +0000
Sat, 11 Apr 2026 09:56:29 SMTP[C5] -> EHLO binnsroad.myzen.co.uk
Sat, 11 Apr 2026 09:56:29 Error on closing
  -- Winsock ERROR : Connection aborted
Sat, 11 Apr 2026 09:56:29 Mail connection to [127.0.0.1] closed, 0 
messages transmitted

Stunnel Log :

2026.04.11 09:57:09 LOG5[6]: Service [smtp] accepted connection from 
127.0.0.1:55371
2026.04.11 09:57:09 LOG5[6]: s_connect: connected 212.23.1.11:587
2026.04.11 09:57:09 LOG5[6]: Service [smtp] connected remote server from 
192.168.178.21:55372
2026.04.11 09:57:09 LOG5[6]: OCSP: Connecting the AIA responder 
"http://ocsp.usertrust.com"
2026.04.11 09:57:09 LOG5[6]: s_connect: connected 104.18.38.233:80
2026.04.11 09:57:09 LOG5[6]: OCSP: Certificate accepted
2026.04.11 09:57:09 LOG5[6]: OCSP: Connecting the AIA responder 
"http://ocsp.sectigo.com"
2026.04.11 09:57:09 LOG5[6]: s_connect: connected 104.18.38.233:80
2026.04.11 09:57:10 LOG5[6]: OCSP: Certificate accepted
2026.04.11 09:57:10 LOG5[6]: OCSP: Connecting the AIA responder 
"http://ocsp.sectigo.com"
2026.04.11 09:57:10 LOG5[6]: s_connect: connected 104.18.38.233:80
2026.04.11 09:57:10 LOG3[6]: OCSP: OCSP_basic_verify: 27069065: 
error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error
2026.04.11 09:57:10 LOG4[6]: Rejected by OCSP at depth=0: CN=*.zen.co.uk
2026.04.11 09:57:10 LOG3[6]: SSL_connect: 14090086: error:14090086:SSL 
routines:ssl3_get_server_certificate:certificate verify failed
2026.04.11 09:57:10 LOG5[6]: Connection reset: 0 byte(s) sent to TLS, 0 
byte(s) sent to socket

Way over my head :-(

-- 
Graeme

[toc] | [prev] | [next] | [standalone]


#18596

FromJohn Hall <john@jhall.co.uk>
Date2026-04-11 10:44 +0100
Message-ID<n3ujgdFtpb4U1@mid.individual.net>
In reply to#18593
On 11/04/2026 09:59, Graeme wrote:
> 
> Still trying to send mail, without success.
> 
> Stunnel config File:
> 
> [smtp]
> protocol = smtp
> client = yes
> accept = 127.0.0.1:25
> connect = mailhost.zen.co.uk:587
> verifyChain = yes
> CAfile = ca-certs.pem
> checkHost = mailhost.zen.co.uk
> OCSPaia = yes
> 
> TP Log Window :
> 
> Sat, 11 Apr 2026 09:56:29 SMTP[C5] Starting to send mail to [127.0.0.1]
> Sat, 11 Apr 2026 09:56:29 SMTP[C5] <- 220 
> smarthost01a.ixn.mail.zen.net.uk ESMTP Exim 4.97 Ubuntu Sat, 11 Apr 2026 
> 08:56:29 +0000
> Sat, 11 Apr 2026 09:56:29 SMTP[C5] -> EHLO binnsroad.myzen.co.uk
> Sat, 11 Apr 2026 09:56:29 Error on closing
>   -- Winsock ERROR : Connection aborted
> Sat, 11 Apr 2026 09:56:29 Mail connection to [127.0.0.1] closed, 0 
> messages transmitted
> 
> Stunnel Log :
> 
> 2026.04.11 09:57:09 LOG5[6]: Service [smtp] accepted connection from 
> 127.0.0.1:55371
> 2026.04.11 09:57:09 LOG5[6]: s_connect: connected 212.23.1.11:587
> 2026.04.11 09:57:09 LOG5[6]: Service [smtp] connected remote server from 
> 192.168.178.21:55372
> 2026.04.11 09:57:09 LOG5[6]: OCSP: Connecting the AIA responder "http:// 
> ocsp.usertrust.com"
> 2026.04.11 09:57:09 LOG5[6]: s_connect: connected 104.18.38.233:80
> 2026.04.11 09:57:09 LOG5[6]: OCSP: Certificate accepted
> 2026.04.11 09:57:09 LOG5[6]: OCSP: Connecting the AIA responder "http:// 
> ocsp.sectigo.com"
> 2026.04.11 09:57:09 LOG5[6]: s_connect: connected 104.18.38.233:80
> 2026.04.11 09:57:10 LOG5[6]: OCSP: Certificate accepted
> 2026.04.11 09:57:10 LOG5[6]: OCSP: Connecting the AIA responder "http:// 
> ocsp.sectigo.com"
> 2026.04.11 09:57:10 LOG5[6]: s_connect: connected 104.18.38.233:80
> 2026.04.11 09:57:10 LOG3[6]: OCSP: OCSP_basic_verify: 27069065: 
> error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error
> 2026.04.11 09:57:10 LOG4[6]: Rejected by OCSP at depth=0: CN=*.zen.co.uk
> 2026.04.11 09:57:10 LOG3[6]: SSL_connect: 14090086: error:14090086:SSL 
> routines:ssl3_get_server_certificate:certificate verify failed
> 2026.04.11 09:57:10 LOG5[6]: Connection reset: 0 byte(s) sent to TLS, 0 
> byte(s) sent to socket
> 
> Way over my head :-(
> 

It's rather over my head too!

The error seems to be shown up at this point in the stunnel log:
2026.04.11 09:57:10 LOG3[6]: OCSP: OCSP_basic_verify: 27069065: 
error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error

It's possible that it means that Zen have failed at register their mail 
server with the ca-certs authority, so it's not found in the authority's 
list, but I'm only guessing.

You could try commenting out these four lines, to see if it will then work:

verifyChain = yes
CAfile = ca-certs.pem
checkHost = mailhost.zen.co.uk
OCSPaia = yes

(You can do that by just inserting a semi-colon at the start of each line.)
-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


#18597

FromGraeme <News@nospam.demon.co.uk>
Date2026-04-11 11:20 +0100
Message-ID<bIEKxyGzBi2pFwtT@binnsroad.myzen.co.uk>
In reply to#18596
In message <n3ujgdFtpb4U1@mid.individual.net>, John Hall 
<john@jhall.co.uk> writes
>
>You could try commenting out these four lines, to see if it will then work:
>
>verifyChain = yes
>CAfile = ca-certs.pem
>checkHost = mailhost.zen.co.uk
>OCSPaia = yes
>
>(You can do that by just inserting a semi-colon at the start of each line.)

Sadly not :-(

New logs :

Sat, 11 Apr 2026 11:16:49 SMTP[C125] Starting to send mail to 
[127.0.0.1]
Sat, 11 Apr 2026 11:16:49 SMTP[C125] <- 220 
smarthost01c.ixn.mail.zen.net.uk ESMTP Exim 4.97 Ubuntu Sat, 11 Apr 2026 
10:16:49 +0000
Sat, 11 Apr 2026 11:16:49 SMTP[C125] -> EHLO binnsroad.myzen.co.uk
Sat, 11 Apr 2026 11:16:49 Error on closing
  -- Winsock ERROR : Connection aborted
Sat, 11 Apr 2026 11:16:49 Mail connection to [127.0.0.1] closed, 0 
messages transmitted

2026.04.11 11:18:29 LOG5[128]: Service [smtp] accepted connection from 
127.0.0.1:56101
2026.04.11 11:18:29 LOG5[128]: s_connect: connected 212.23.1.11:587
2026.04.11 11:18:29 LOG5[128]: Service [smtp] connected remote server 
from 192.168.178.21:56102
2026.04.11 11:18:29 LOG5[128]: OCSP: Connecting the AIA responder 
"http://ocsp.usertrust.com"
2026.04.11 11:18:29 LOG5[128]: s_connect: connected 172.64.149.23:80
2026.04.11 11:18:29 LOG5[128]: OCSP: Certificate accepted
2026.04.11 11:18:29 LOG5[128]: OCSP: Connecting the AIA responder 
"http://ocsp.sectigo.com"
2026.04.11 11:18:29 LOG5[128]: s_connect: connected 172.64.149.23:80
2026.04.11 11:18:29 LOG5[128]: OCSP: Certificate accepted
2026.04.11 11:18:29 LOG5[128]: OCSP: Connecting the AIA responder 
"http://ocsp.sectigo.com"
2026.04.11 11:18:29 LOG5[128]: s_connect: connected 172.64.149.23:80
2026.04.11 11:18:29 LOG3[128]: OCSP: OCSP_basic_verify: 27069065: 
error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error
2026.04.11 11:18:29 LOG4[128]: Rejected by OCSP at depth=0: 
CN=*.zen.co.uk
2026.04.11 11:18:29 LOG3[128]: SSL_connect: 14090086: error:14090086:SSL 
routines:ssl3_get_server_certificate:certificate verify failed
2026.04.11 11:18:29 LOG5[128]: Connection reset: 0 byte(s) sent to TLS, 
0 byte(s) sent to socket

-- 
Graeme

[toc] | [prev] | [next] | [standalone]


#18599

FromJohn Hall <john@jhall.co.uk>
Date2026-04-11 19:24 +0100
Message-ID<n3vhu3F3u4iU1@mid.individual.net>
In reply to#18597
On 11/04/2026 11:20, Graeme wrote:
> In message <n3ujgdFtpb4U1@mid.individual.net>, John Hall 
> <john@jhall.co.uk> writes
>>
>> You could try commenting out these four lines, to see if it will then 
>> work:
>>
>> verifyChain = yes
>> CAfile = ca-certs.pem
>> checkHost = mailhost.zen.co.uk
>> OCSPaia = yes
>>
>> (You can do that by just inserting a semi-colon at the start of each 
>> line.)
> 
> Sadly not :-(

That's disappointing.

> 
> New logs :
> 
> Sat, 11 Apr 2026 11:16:49 SMTP[C125] Starting to send mail to [127.0.0.1]
> Sat, 11 Apr 2026 11:16:49 SMTP[C125] <- 220 
> smarthost01c.ixn.mail.zen.net.uk ESMTP Exim 4.97 Ubuntu Sat, 11 Apr 2026 
> 10:16:49 +0000
> Sat, 11 Apr 2026 11:16:49 SMTP[C125] -> EHLO binnsroad.myzen.co.uk
> Sat, 11 Apr 2026 11:16:49 Error on closing
>   -- Winsock ERROR : Connection aborted
> Sat, 11 Apr 2026 11:16:49 Mail connection to [127.0.0.1] closed, 0 
> messages transmitted
> 
> 2026.04.11 11:18:29 LOG5[128]: Service [smtp] accepted connection from 
> 127.0.0.1:56101
> 2026.04.11 11:18:29 LOG5[128]: s_connect: connected 212.23.1.11:587
> 2026.04.11 11:18:29 LOG5[128]: Service [smtp] connected remote server 
> from 192.168.178.21:56102
> 2026.04.11 11:18:29 LOG5[128]: OCSP: Connecting the AIA responder 
> "http://ocsp.usertrust.com"
> 2026.04.11 11:18:29 LOG5[128]: s_connect: connected 172.64.149.23:80
> 2026.04.11 11:18:29 LOG5[128]: OCSP: Certificate accepted
> 2026.04.11 11:18:29 LOG5[128]: OCSP: Connecting the AIA responder 
> "http://ocsp.sectigo.com"
> 2026.04.11 11:18:29 LOG5[128]: s_connect: connected 172.64.149.23:80
> 2026.04.11 11:18:29 LOG5[128]: OCSP: Certificate accepted
> 2026.04.11 11:18:29 LOG5[128]: OCSP: Connecting the AIA responder 
> "http://ocsp.sectigo.com"
> 2026.04.11 11:18:29 LOG5[128]: s_connect: connected 172.64.149.23:80
> 2026.04.11 11:18:29 LOG3[128]: OCSP: OCSP_basic_verify: 27069065: 
> error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error
> 2026.04.11 11:18:29 LOG4[128]: Rejected by OCSP at depth=0: CN=*.zen.co.uk
> 2026.04.11 11:18:29 LOG3[128]: SSL_connect: 14090086: error:14090086:SSL 
> routines:ssl3_get_server_certificate:certificate verify failed
> 2026.04.11 11:18:29 LOG5[128]: Connection reset: 0 byte(s) sent to TLS, 
> 0 byte(s) sent to socket
> 

That seems pretty much the same as the previous error. If you are 
absolutely sure that you commented out those four lines, remembered to 
save the changes, and then restarted Stunnel and Connect to make sure 
that the updated config file was being used, then the only other thing I 
can suggest to try is in Connect configure for email click on the 
Password button in the SMTP section, check the "Logon using" is ticked, 
that for the username you have provided your full email address and that 
you have set the correct password. If you find you need to change 
something, don't forget to click on OK.
-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


#18606

Frombrian <nospam@b-howie.co.uk>
Date2026-04-13 09:48 +0100
Message-ID<bgxzy2En3K3pFwmq@b-howie.co.uk>
In reply to#18588
In message <leZc9EFBVU2pFwLY@b-howie.co.uk>, brian 
<nospam@b-howie.co.uk> writes
>In message <Ue6pUJIHg31pFwEa@binnsroad.myzen.co.uk>, Graeme 
><News@nospam.demon.co.uk> writes
>>In message <4s0C4iH8221pFwSI@binnsroad.myzen.co.uk>, Graeme 
>><News@nospam.demon.co.uk> writes
>>>In message <10r6hep$3skgu$1@dont-email.me>, J. P. Gilliver 
>>><G6JPG@255soft.uk> writes
>>>>
>>>>I suspect that's the real thing: you've got Stunnel, but your TP is
>>>>still connecting directly to Zen's servers, rather than to Stunnel.
>>>
>>>Progress, I think.  Updated Stunnel's config file as suggested by 
>>>John, and changed the mail gateway to 127.0.0.1, and, under POP3 Mail 
>>>Collection, changed Port from POP3 to 25.  Is that correct?
>>>
>>>Mail now sends, but throws up a TP error :
>>>
>>>Delivery Status Notification
>>>
>>>535 Incorrect authentication data
>>>
>>Changed Port (above) back to POP3.
>>
>>So, "you will need to replace mailhost.zen.co.uk with 127.0.0.1 and 
>>also ensure that the associated port is set to 25."
>>
>>How, or where, do I ensure the associated port is set to 25?
>>
>
>It's hard coded as 25. I tried to run gmail as smtp sending, but TP 
>won't allow 2 ports as far as I can see.
>
>Brian (still using Turnpike)

In the Turnpike configuration windows I have.

POP3 and IMAP ticked

down one level

use 'APOP' authentication

Make sure you are using the correct passwords and usernames

My POP3 account is brian@b-howie.co.uk

but my SMTP user name is b-howie.co.uk

_and_ my passwords are different too

if you are getting as you say.

"<<< 535 Incorrect authentication data"  it might be incorrect passwords 
or user Id

I had a few problems with that.


My stunnel config.

Pop3.hosts is namesco

debug = 5
output = stunnel.log

[b-howie POP3]
client = yes
accept = 127.0.0.1:310
connect =  pop3.hosts.co.uk:995

[namesco SMTP]
protocol = smtp
client = yes
accept = 127.0.0.1:25
connect = smtp.hosts.co.uk:25

[gmail-pop3]
client = yes
accept = 127.0.0.1:3110
connect = pop.gmail.com:995
verifyChain = yes
CAfile = ca-certs.pem
checkHost = pop.gmail.com



OCSPaia = yes
TIMEOUTconnect = 60
TIMEOUTidle = 40
TIMEOUTbusy = 40
TIMEOUTclose = 40
;time to wait for close_notify (set to 0 for buggy MSIE)
-- 
Brian Howie

[toc] | [prev] | [next] | [standalone]


#18608

FromJohn Hall <john@jhall.co.uk>
Date2026-04-13 10:38 +0100
Message-ID<n43rrtFoejfU1@mid.individual.net>
In reply to#18606
On 13/04/2026 09:48, brian wrote:
> In the Turnpike configuration windows I have.
> 
> POP3 and IMAP ticked

Do you really want both ticked rather than just POP3?
> 
> down one level
> 
> use 'APOP' authentication
> 
> Make sure you are using the correct passwords and usernames
> 
> My POP3 account is brian@b-howie.co.uk
> 
> but my SMTP user name is b-howie.co.uk

I would have thought they would have to be the same. You could try 
amending the SMTP user name to brian@b-howie.co.uk

> 
> _and_ my passwords are different too
 > > if you are getting as you say.
> 
> "<<< 535 Incorrect authentication data"  it might be incorrect passwords 
> or user Id
> 
> I had a few problems with that.
> 
> 
> My stunnel config.
> 
> Pop3.hosts is namesco
> 
> debug = 5
> output = stunnel.log
> 
> [b-howie POP3]
> client = yes
> accept = 127.0.0.1:310
> connect =  pop3.hosts.co.uk:995
> 
> [namesco SMTP]
> protocol = smtp
> client = yes
> accept = 127.0.0.1:25
> connect = smtp.hosts.co.uk:25

Hang on. I thought you said you were using Zen, not Namesco. I'm now 
thoroughly confused. Even if it's Namesco that you're using, that port 
25 in the connect line almost certainly needs to be something else 
(probably 587), if you're having to use TSL/SSL with it.

> 
> [gmail-pop3]
> client = yes
> accept = 127.0.0.1:3110
> connect = pop.gmail.com:995
> verifyChain = yes
> CAfile = ca-certs.pem
> checkHost = pop.gmail.com
> 
> 
> 
> OCSPaia = yes
> TIMEOUTconnect = 60
> TIMEOUTidle = 40
> TIMEOUTbusy = 40
> TIMEOUTclose = 40
> ;time to wait for close_notify (set to 0 for buggy MSIE)


-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


#18609

Frombrian <nospam@b-howie.co.uk>
Date2026-04-13 12:41 +0100
Message-ID<oFCvLCNpZN3pFwTY@b-howie.co.uk>
In reply to#18608
In message <n43rrtFoejfU1@mid.individual.net>, John Hall 
<john@jhall.co.uk> writes
>On 13/04/2026 09:48, brian wrote:
>> In the Turnpike configuration windows I have.
>>  POP3 and IMAP ticked
>
>Do you really want both ticked rather than just POP3?
>>  down one level
>>  use 'APOP' authentication
>>  Make sure you are using the correct passwords and usernames
>>  My POP3 account is brian@b-howie.co.uk
>>  but my SMTP user name is b-howie.co.uk
>
>I would have thought they would have to be the same. You could try 
>amending the SMTP user name to brian@b-howie.co.uk
>
>>  _and_ my passwords are different too
>> > if you are getting as you say.
>>  "<<< 535 Incorrect authentication data"  it might be incorrect 
>>passwords  or user Id
>>  I had a few problems with that.
>>   My stunnel config.
>>  Pop3.hosts is namesco
>>  debug = 5
>> output = stunnel.log
>>  [b-howie POP3]
>> client = yes
>> accept = 127.0.0.1:310
>> connect =  pop3.hosts.co.uk:995
>>  [namesco SMTP]
>> protocol = smtp
>> client = yes
>> accept = 127.0.0.1:25
>> connect = smtp.hosts.co.uk:25
>
>Hang on. I thought you said you were using Zen, not Namesco. I'm now 
>thoroughly confused. Even if it's Namesco that you're using, that port 
>25 in the connect line almost certainly needs to be something else 
>(probably 587), if you're having to use TSL/SSL with it.
>
>>  [gmail-pop3]
>> client = yes
>> accept = 127.0.0.1:3110
>> connect = pop.gmail.com:995
>> verifyChain = yes
>> CAfile = ca-certs.pem
>> checkHost = pop.gmail.com
>>    OCSPaia = yes
>> TIMEOUTconnect = 60
>> TIMEOUTidle = 40
>> TIMEOUTbusy = 40
>> TIMEOUTclose = 40
>> ;time to wait for close_notify (set to 0 for buggy MSIE)
>
>

I'm using namesco , the OP is using Zen.

Mine works. I dare not untick anything . The user ID's are different for 
POP3 and SMTP for me.

I also receive gmail on Turnpike , but as I said it won't send owing to 
port conflicts


Brian
-- 
Brian Howie

[toc] | [prev] | [next] | [standalone]


#18612

FromJohn Hall <john@jhall.co.uk>
Date2026-04-13 16:54 +0100
Message-ID<n44htvFrpl0U1@mid.individual.net>
In reply to#18609
On 13/04/2026 12:41, brian wrote:
<snip>
> I'm using namesco , the OP is using Zen.
> 
> Mine works. I dare not untick anything . The user ID's are different for 
> POP3 and SMTP for me.
> 
> I also receive gmail on Turnpike , but as I said it won't send owing to 
> port conflicts

Sorry, but it hadn't registered with me that some posts were from you 
and not from Graeme!

As your set-up works, I agree that it would be unwise to change anything.
-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


#18575

FromJohn Hall <john@jhall.co.uk>
Date2026-04-09 11:04 +0100
Message-ID<n3pbucF4mbdU1@mid.individual.net>
In reply to#18572
On 09/04/2026 10:13, Graeme wrote:
> In message <10r6hep$3skgu$1@dont-email.me>, J. P. Gilliver 
> <G6JPG@255soft.uk> writes
>>
>> I suspect that's the real thing: you've got Stunnel, but your TP is
>> still connecting directly to Zen's servers, rather than to Stunnel.
> 
> Progress, I think.  Updated Stunnel's config file as suggested by John, 
> and changed the mail gateway to 127.0.0.1, and, under POP3 Mail 
> Collection, changed Port from POP3 to 25.  Is that correct?

I thought that you said in your original post that it was sending mail 
you were having trouble with, and that receiving mail was working. If 
that's the case then leave all the POP3 mail collection settings alone. 
Unfortunately not having TP any more, I can't look at its relevant 
Configure page to tell you just where the entries you need to change for 
SMTP sending of mail are. Hopefully John Gilliver can help you with that.

> 
> Mail now sends, but throws up a TP error :
> 
> Delivery Status Notification
> 
> 535 Incorrect authentication data
> 
-- 
John Hall

      You can divide people into two categories:
      those who divide people into two categories and those who don't

[toc] | [prev] | [next] | [standalone]


Page 1 of 2  [1] 2  Next page →

Back to top | Article view | demon.ip.support.turnpike


csiph-web