Discussion:
Installation of Blat
(too old to reply)
manfred.winter@yahoo.com [blat]
2017-10-16 09:20:48 UTC
Permalink
We have created a Batch File to run Blat in order to mail results for our POS System. It now runs successful and I am now considering to roll it out to our 300+ clients.
What is the best way to store all relevant Parameters (Including SMTP Account Information (We will use our company's SMTP account for that purpose and this needs a log-in) in an "Idiot-proof" easy way?
I keep having trouble with blatinstall.bat and such ...
Am thinking now to create a .reg File, one for 32 Bit and one for 64 Bit Systems.
Or is there a better and more appropriate way?
Someone to take me by the hand and guide me through a Blatinstall.bat that has only one group of settings?

This one does not give me the requested results:


C:\OurPOS\Blat\blat.exe -install smtp.provider.com ***@ourpos.com 5 586 - ***@ourpos.com smtpw



Thanks!
Rod Carty rod@en-consult.ca [blat]
2017-10-16 10:09:28 UTC
Permalink
I recommend not installing it at all but instead specifying sendmail
server and login specifics, return email address, and destination email
address in the command line when you call Blat.

That would mean including:
-to (destination email address)
-server (server URL)
-u (SMTP account username)
-pw (SMTP account password)
-f (from email address)

I also recommend Blat.exe be copied to a user-created folder, not a
Windows system folder. I found this with the above settings resolved
various security issues as regarding using Blat, starting with Windows
version 8. It also works perfectly well on Windows XP, Vista and 7 as
well as Windows Server 2008; 32 and 64 bit systems.
Post by ***@yahoo.com [blat]
We have created a Batch File to run Blat in order to mail results for
our POS System. It now runs successful and I am now considering to roll
it out to our 300+ clients.
What is the best way to store all relevant Parameters (Including SMTP
Account Information (We will use our company's SMTP account for that
purpose and this needs a log-in) in an "Idiot-proof" easy way?
I keep having trouble with blatinstall.bat and such ...
Am thinking now to create a .reg File, one for 32 Bit and one for 64 Bit Systems.
Or is there a better and more appropriate way?
Someone to take me by the hand and guide me through a Blatinstall.bat
that has only one group of settings?
Thanks!
--
Rod Carty
http://www.en-consult.ca

Keep Working. Millions on Welfare are Depending on YOU!
The preceding humor inserted by QuipSig
manfred.winter@yahoo.com [blat]
2017-10-16 10:46:50 UTC
Permalink
The problem I see with this approach is that I reveal my Password for all to see in the Batch File. Also, how and where to specify the SMTP Port?
Blat is installed in a Sub Directory of C:/OURPOS/ by the way, under (mostly) Windows 7, a few Installations run under Windows 10.
And it is important to create an Installation Routine that can be executed by people for whom executing a batch file is already a task that demands all their attention and knowledge.
What is the potential problem when going the .reg File path?
'Mike Mattos' mmattos@rogers.com [blat]
2017-10-16 11:47:24 UTC
Permalink
With some thought, the batch file isn’t needed. You can create an exe for the batch so the password is never stored, just keyboard entry as a parameter, something along the line of



Callblat.exe myname mypassword



Callblat would parse the login and have stored the other parameters



MIke



From: ***@yahoogroups.com [mailto:***@yahoogroups.com]
Sent: October 16, 2017 6:09 AM
To: ***@yahoogroups.com
Subject: Re: [blat] Installation of Blat





I recommend not installing it at all but instead specifying sendmail
server and login specifics, return email address, and destination email
address in the command line when you call Blat.

That would mean including:
-to (destination email address)
-server (server URL)
-u (SMTP account username)
-pw (SMTP account password)
-f (from email address)

I also recommend Blat.exe be copied to a user-created folder, not a
Windows system folder. I found this with the above settings resolved
various security issues as regarding using Blat, starting with Windows
version 8. It also works perfectly well on Windows XP, Vista and 7 as
well as Windows Server 2008; 32 and 64 bit systems.
Post by ***@yahoo.com [blat]
We have created a Batch File to run Blat in order to mail results for
our POS System. It now runs successful and I am now considering to roll
it out to our 300+ clients.
What is the best way to store all relevant Parameters (Including SMTP
Account Information (We will use our company's SMTP account for that
purpose and this needs a log-in) in an "Idiot-proof" easy way?
I keep having trouble with blatinstall.bat and such ...
Am thinking now to create a .reg File, one for 32 Bit and one for 64 Bit Systems.
Or is there a better and more appropriate way?
Someone to take me by the hand and guide me through a Blatinstall.bat
that has only one group of settings?
Thanks!
--
Rod Carty
http://www.en-consult.ca

Keep Working. Millions on Welfare are Depending on YOU!
The preceding humor inserted by QuipSig
'Chip' chip.programmer@att.net [blat]
2017-10-17 04:23:13 UTC
Permalink
Post by ***@yahoo.com [blat]
We have created a Batch File to run Blat in order to mail results for our
POS System. It now runs successful and I am now considering to roll it out
to our 300+ clients.
What is the best way to store all relevant Parameters (Including SMTP
Account Information (We will use our company's SMTP account for that
purpose and this needs a log-in) in an "Idiot-proof" easy way?
I keep having trouble with blatinstall.bat and such ...
Am thinking now to create a .reg File, one for 32 Bit and one for 64 Bit Systems.
Or is there a better and more appropriate way?
Someone to take me by the hand and guide me through a Blatinstall.bat that
has only one group of settings?
Thanks!
Outside of anything already stated by others, there is one issue not yet
mentioned. Blat does not directly support SSL or TLS for encrypted
connections, which is used by port 586 mentioned above. However, this is
easily supported by using stunnel from stunnel.org to provide that
encryption. This is what I do at home, I use stunnel to provide TLS
encryption to AT&T, Hotmail, and Google (gmail). Blat is then told to use
IP address 127.0.0.1 for its SMTP server, which uses stunnel to establish
the encrypted connection. The job of stunnel is only to provide encryption.
As such, Blat is able to then establish a connection to the intended server,
and use login credentials. The stunnel configuration file will tell stunnel
the names of all servers you intent to use, and which ports to listen on for
making connections to each server. There are references to stunnel in the
Yahoo message list, including example configuration files. The accept=
statements in the list below tells stunnel which ports to listen on, and
those dictate which servers will be connected when Blat talks on the listed
port numbers. Here is part of my stunnel.conf file that you can use as a
basis for your situation:

CAfile = cert.pem
cert = client.pem
client = yes
RNDfile = .rnd
sslVersion = TLSv1
fips = no

[att yahoo smtp]
accept = 25
connect = outbound.att.net:465

[att yahoo pop3]
accept = 110
connect = inbound.att.net:995

[hotmail smtp]
accept = 8002
connect = smtp.live.com:587
protocol = smtp

[hotmail pop3]
accept = 9002
connect = pop3.live.com:995

[gmail smtp]
accept = 27
connect = smtp.gmail.com:587
protocol = smtp
--
Chip
manfred.winter@yahoo.com [blat]
2017-10-17 06:27:53 UTC
Permalink
Thanks for that. But then I have no idea why my installation then basically is working on my PC with Port 587? I found some hints on the net pointing to Port 587 not necessary requiring encryption via SSL or other.
Encryption would be nice_to_have, but I rather send unencrypted email than none at all.

That said, we need a way to install blat to be rolled out to about 200 or 300 clients of our POS system. I wont be able to make the installations all myself, and neither our clients nor my staff does possess the knowledge to install and configure a plethora of additional utilities. What would be needed is:
A batch file that is executed by our POS at the End of A Day. That one exists.And is working. (Needs a bit of tweaking for error handling, but I should be able to fix this with the examples posted on the blat.net page.
Distribute blat.exe and the other files, plus text files that will be filled with recipients email addresses and further email subject etc. information,all into one folder to be copied by the Installer of our POS Program on a version update. And I here I would like to have either a batch file or a Windows reg file that takes care of the registration of smtp server smtp user name password port number or attempts and all that.
My clients and staff would then need to:
One time run the batch file / reg file.
Fill email addresses into the empty provided recipients.txt, ccrecipients.txt, bccrecipients.txt and subject.txt files.
Anything that requires much more manual setup and configuration would be beyond the scope of both my clients and my staff.
The Documentation on Blat concerning installation on command line seems to be either misleading or incomplete. I tried a few times and almost every time got not the expected results. There is a way with letter preceding the entries, another way with more verbose strings, and finally one way where the parameters are entered without a prefix. None of these seem to work, especially in my case where we need to specify SMTP credentials. Also I feel a little bit more secure to have the sensitive smtp password encrypted in the Windows registry, than in verbose form in a distributed text file
manfred.winter@yahoo.com [blat]
2017-10-22 10:44:15 UTC
Permalink
Main reason for us to use blat as batch is that all can be done in blat and no need to alter the POS program. We have now released batch files that do the job and I will post them once fully tested.


Thanks to all for the valuable help!
manfred.winter@yahoo.com [blat]
2017-10-23 09:01:02 UTC
Permalink
Sorry, still need help!

A few month ago I was struggling to store all relevant information into the windows registry.
I created .reg File, and I am able to add the info on remote client PCs.
Now, we are about to roll out to clients, and I want to use a different domain to send the email. We have accounts with access to SMTP servers on both domains.
I remember before when I started to get into the usage of blat, I had a hard time correctly storing all relevant info into the registry.
But somehow I succeeded.


In regedit, I now have an entry in HKEY_LOCAL_MACHINE\SOFTWARE\PUBLIC DOMAIN\Wow6432Node\Blat
with the entries:
(Default) (value not set)
Login YmJ .... bQ== (*)
Pwd YmF ... TY= (*)
Sender mail.pos.com
SMTP Port 26
SMTP Server mail.pos.com
Try 3


(*) These values were altered here.
I see that both Login and Pwd are scrambled.


I think I tried all approaches given in the documentation:
blat -install mail.pos.com ***@pos.com 3 26 - ***@pos.com mailpw
or using prefixes given in the registry overrides section in the syntax file on blat.net, but the pwd field in the registry is always empty.




PS: Earlier someone suggested to add these commands to the blat command line when sending emails; I rather not do this as I believe the smtp password stored in the registry encrypted, which I prefer to specifying the pw in readable form.


Please help!


I really to install these parameters in our clients PCs with either a blatinstall batch file or a .reg file.
Am i right assuming that i need to create different .reg files for 32 bit and 64 bit systems?
OS is Windows 7, 32 or in some cases 64.
We also have a few Windows 10 (both 32 and 64 bit) clients.
Jeroen Eeuwes jeroeneeuwes@gmail.com [blat]
2017-10-23 11:00:55 UTC
Permalink
Hi Manfred,

The login and password in the registry are not encrypted, they are base64
encoded. If you think someone will be savvy enough to get the password from
the batch file they will probably be savvy enough to get them from the
registry and run them through https://www.base64decode.org/ .

I never use the registry settings of blat so I can't really help you there,
sorry.

Best regards,
Jeroen
Lars Holm lasse@the-holms.org [blat]
2017-10-23 13:24:58 UTC
Permalink
Hi all,

There is a freeware program called bat2exe for converting the batfile to an
exe file

See: http://www.battoexeconverter.com/

Lasse Holm
Post by Jeroen Eeuwes ***@gmail.com [blat]
Hi Manfred,
The login and password in the registry are not encrypted, they are base64
encoded. If you think someone will be savvy enough to get the password from
the batch file they will probably be savvy enough to get them from the
registry and run them through https://www.base64decode.org/ .
I never use the registry settings of blat so I can't really help you
there, sorry.
Best regards,
Jeroen
'Chip' chip.programmer@att.net [blat]
2017-10-24 05:06:40 UTC
Permalink
Post by ***@yahoo.com [blat]
Sorry, still need help!
A few month ago I was struggling to store all relevant information into the windows registry. I created .reg File, and I am able to add the info on remote client PCs. Now, we are about to roll out to clients, and I want to use a different domain to send the email. We have accounts with access to SMTP servers on both domains. I remember before when I started to get into the usage of blat, I had a hard time correctly storing all relevant info into the registry. But somehow I succeeded.
(Default) (value not set)
Login YmJ .... bQ== (*)
Pwd YmF ... TY= (*)
Sender mail.pos.com
SMTP Port 26
SMTP Server mail.pos.com
Try 3
(*) These values were altered here.
I see that both Login and Pwd are scrambled.
or using prefixes given in the registry overrides section in the syntax file on blat.net, but the pwd field in the registry is always empty.
PS: Earlier someone suggested to add these commands to the blat command line when sending emails; I rather not do this as I believe the smtp password stored in the registry encrypted, which I prefer to specifying the pw in readable form.
Please help!
I really to install these parameters in our clients PCs with either a blatinstall batch file or a .reg file. Am i right assuming that i need to create different .reg files for 32 bit and 64 bit systems? OS is Windows 7, 32 or in some cases 64. We also have a few Windows 10 (both 32 and 64 bit) clients.
I saw from an earlier email that you have 32-bit Blat version 3.2.17. You do not need two .reg files, because you can have support for both 32-bit Windows and 64-bit Windows in one .reg file. I see your registry path above is wrong, you have Wow6432Node and “Public Domain” switched places. It needs to look like this:

The registry path for 64-bit Windows would be:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Public Domain\Blat]

or for 32-bit Windows:

[HKEY_LOCAL_MACHINE\SOFTWARE\Public Domain\Blat]

Blat can also store its keys into HKEY_CURRENT_USER path:

[HKEY_CURRENT_USER\SOFTWARE\Wow6432Node\Public Domain\Blat]
or
[HKEY_CURRENT_USER\SOFTWARE\Public Domain\Blat]

To store username and password from the command line, this should work for you:

blat -install smtp.pos.com emailaddy 26 5 - -u login_username -pwd user_password

You need to use the –u and –pwd options to store those credentials. There is a lone hyphen between the number five (5) and –u, which tells Blat to use the default profile location in your Windows registry.

Here is a sample .reg file that should work with both 32-bit and 64-bit Windows.
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Public Domain\Blat]
"Login"="*******blocked="
"Pwd"="*******blocked="
"Sender"="*******blocked"
"SMTP Port"="26"
"SMTP server"="mail.pos.com"
"Try"="3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Public Domain\Blat]
"Login"="*******blocked="
"Pwd"="*******blocked="
"Sender"="*******blocked"
"SMTP Port"="26"
"SMTP server"="mail.pos.com"
"Try"="3"

I hope this helps.
--
Chip
manfred.winter@yahoo.com [blat]
2017-11-09 07:28:19 UTC
Permalink
Found out that the Web host we are using is phasing out non-encrypted SMTP, so it looks I have to look into this option now. I downloaded Stunnel and installed it on my machine.
Next I started the exe and answered some questions about my region and organisation.


Both the Documentation and the sample config file almost killed me with tons of terms I have no idea what they mean, so I am trying to find a configuration to use, with the least possible amount of data.


I found the following example in thestunnel.conf file, and thought I could alter it with my data:

Here is an example I think is appropriate:

[mypos smtp]
accept = 25
connect = smtp.mypos.com:26
protocol = smtp


In Blat, I specified 17.0.0.1 as the mail server, 25 as the port, use the base64 encoded values for Login and Password, and sendmail.mypos.com as sender.


Bad news: I still dont understand a lot of what I am doing. Good news: All is working!


Thanks a lot!


Now I need to find a way to install stunnel in such a way that people with much less IT knowledge than myself can install the system. I guess I can reuse my conf file. What about the certificate file? Does that need to be created locally at every installation, or can I distribute it?








Outside of anything already stated by others, there is one issue not yet
mentioned. Blat does not directly support SSL or TLS for encrypted
connections, which is used by port 586 mentioned above. However, this is
easily supported by using stunnel from stunnel.org to provide that
encryption. This is what I do at home, I use stunnel to provide TLS
encryption to AT&T, Hotmail, and Google (gmail). Blat is then told to use
IP address 127.0.0.1 for its SMTP server, which uses stunnel to establish
the encrypted connection. The job of stunnel is only to provide encryption.
As such, Blat is able to then establish a connection to the intended server,
and use login credentials. The stunnel configuration file will tell stunnel
the names of all servers you intent to use, and which ports to listen on for
making connections to each server. There are references to stunnel in the
Yahoo message list, including example configuration files. The accept=
statements in the list below tells stunnel which ports to listen on, and
those dictate which servers will be connected when Blat talks on the listed
port numbers. Here is part of my stunnel.conf file that you can use as a
basis for your situation:

CAfile = cert.pem
cert = client.pem
client = yes
RNDfile = .rnd
sslVersion = TLSv1
fips = no

[att yahoo smtp]
accept = 25
connect = outbound.att.net:465

[att yahoo pop3]
accept = 110
connect = inbound.att.net:995

[hotmail smtp]
accept = 8002
connect = smtp.live.com:587
protocol = smtp

[hotmail pop3]
accept = 9002
connect = pop3.live.com:995

[gmail smtp]
accept = 27
connect = smtp.gmail.com:587
protocol = smtp

--
Chip
'Chip' chip.programmer@att.net [blat]
2017-11-10 05:01:37 UTC
Permalink
Post by ***@yahoo.com [blat]
Found out that the Web host we are using is phasing out non-encrypted
SMTP, so it looks I have to look into this option now.
I downloaded Stunnel and installed it on my machine.
Next I started the exe and answered some questions about my region and organisation.
Both the Documentation and the sample config file almost killed me with
tons of terms I have no idea what they mean, so I am trying to find a
configuration to use, with the least possible amount of data.
I found the following example in thestunnel.conf file, and thought I could
[mypos smtp]
accept = 25
connect = smtp.mypos.com:26
protocol = smtp
In Blat, I specified 127.0.0.1 as the mail server, 25 as the port, use the
base64 encoded values for Login and Password, and sendmail.mypos.com as
sender.
Bad news: I still dont understand a lot of what I am doing. Good news: All is working!
Thanks a lot!
Now I need to find a way to install stunnel in such a way that people with
much less IT knowledge than myself can install the system. I guess I can
reuse my conf file. What about the certificate file? Does that need to be
created locally at every installation, or can I distribute it?
You can package the whole stunnel tree and copy it to your client systems,
including your conf file.

Chip
manfred.winter@yahoo.com [blat]
2017-11-10 09:01:03 UTC
Permalink
Do I need to install the service? It looks as if it also works without the service installed? The Stunnel installation also leaves an icon on the Desktop. Double clicking this one results in an error, but the email is still working?
manfred.winter@yahoo.com [blat]
2017-11-19 15:03:28 UTC
Permalink
So, after having successfully installed stunnel on my main machine (Windows 7 64 Bit) I am now trying to port the Installation (Blat and stunnel) to my laptop (Windows 10 64 Bit). I did run the stunnel installer, answered the questions, created a cert file, and added the following lines to the conf file (same as on the other machine):


[mypos smtp]
accept = 25
connect = smtp.mypos.com:26
protocol = smtp


Next, I started the stunnel service, and set the stunnel service to automatic start.
Blat is configure in registry with Base64 Coded login data, Name of sender email, SMTP Port 25, SMTP Server localhost (or 127.0.0.1, tried both).

No success ....
Blat log file shows:


Error: Connection to server was dropped.
*** Error *** SMTP server error
Error: Not a socket.
Error: Not a socket.
ERROR: File name (message text) not given or Bad argument given, Unable to open SMTP socket, SMTP get line did not return 220, command unable to write to socket, Server does not like To: address or Mail server error accepting message data.




Next step : Searching for an stunnel log. Took me a while that i have to run stunnel all users - stunnel gui start, to get to the following:


[ ] Running on Windows 6.2
[ ] No limit detected for the number of clients
[.] stunnel 5.43 on x86-pc-msvc-1500 platform
[.] Compiled/running with OpenSSL 1.0.2m-fips 2 Nov 2017
[.] Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
[ ] errno: (*_errno())
[ ] GUI message loop initialized
[ ] Running on Windows 6.2
[.] Reading configuration from file stunnel.conf
[.] UTF-8 byte order mark detected
[.] FIPS mode disabled
[ ] Compression disabled
[ ] PRNG seeded successfully
[ ] Initializing service [bbtthailand smtp]
[ ] Ciphers: HIGH:!DH:!aNULL:!SSLv2
[ ] TLS options: 0x03000004 (+0x03000000, -0x00000000)
[ ] Loading certificate from file: stunnel.pem
[ ] Certificate loaded from file: stunnel.pem
[ ] Loading private key from file: stunnel.pem
[ ] Private key loaded from file: stunnel.pem
[ ] Private key check succeeded
[:] Service [mypos smtp] needs authentication to prevent MITM attacks
[.] Configuration successful
[ ] Binding service [mypos smtp]
[ ] Listening file descriptor created (FD=664)
[ ] Option SO_EXCLUSIVEADDRUSE set on accept socket
[!] bind: Address already in use (WSAEADDRINUSE) (10048)
[!] Error binding service [mypos smtp] to 127.0.0.1:25
[ ] Unbinding service [bbtthailand smtp]
[ ] Service [bbtthailand smtp] closed


[!] Server is down



What next?
Jeroen Eeuwes jeroeneeuwes@gmail.com [blat]
2017-11-19 19:34:48 UTC
Permalink
Hi Manfred,

Something is already using port 25 on your machine. You should try on a
different port.

Best regards, Jeroen

Sent with AquaMail for Android
http://www.aqua-mail.com
'Chip' chip.programmer@att.net [blat]
2017-11-19 21:46:02 UTC
Permalink
Post by ***@yahoo.com [blat]
So, after having successfully installed stunnel on my main machine (Windows 7 64 Bit) I am now trying to port the Installation (Blat and stunnel) to my laptop (Windows 10 64 Bit).
[mypos smtp]
accept = 25
connect = smtp.mypos.com:26
protocol = smtp
Next, I started the stunnel service, and set the stunnel service to automatic start.
Blat is configure in registry with Base64 Coded login data, Name of sender email, SMTP Port 25, SMTP Server localhost (or 127.0.0.1, tried both).
No success ....
Error: Connection to server was dropped.
*** Error *** SMTP server error
Error: Not a socket.
Error: Not a socket.
ERROR: File name (message text) not given or Bad argument given, Unable to open SMTP socket, SMTP get line did not return 220, command unable to write to socket, Server does not like To: address or Mail server error accepting message data.
[ ] Running on Windows 6.2
[ ] No limit detected for the number of clients
[.] stunnel 5.43 on x86-pc-msvc-1500 platform
[.] Compiled/running with OpenSSL 1.0.2m-fips 2 Nov 2017
[.] Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
[ ] errno: (*_errno())
[ ] GUI message loop initialized
[ ] Running on Windows 6.2
[.] Reading configuration from file stunnel.conf
[.] UTF-8 byte order mark detected
[.] FIPS mode disabled
[ ] Compression disabled
[ ] PRNG see! ded successfully
[ ] Initializing service [bbtthailand smtp]
[ ] Ciphers: HIGH:!DH:!aNULL:!SSLv2
[ ] TLS options: 0x03000004 (+0x03000000, -0x00000000)
[ ] Loading certificate from file: stunnel.pem
[ ] Certificate loaded from file: stunnel.pem
[ ] Loading private key from file: stunnel.pem
[ ] Private key loaded from file: stunnel.pem
[ ] Private key check succeeded
[:] Service [mypos smtp] needs authentication to prevent MITM attacks
[.] Configuration successful
[ ] Binding service [mypos smtp]
[ ] Listening file descriptor created (FD=664)
[ ] Option SO_EXCLUSIVEADDRUSE set on accept socket
[!] bind: Address already in use (WSAEADDRINUSE) (10048)
[!] Error binding service [mypos smtp] to 127.0.0.1:25
[ ] Unbinding service [bbtthailand smtp]
[ ] Service [bbtthailand smtp] closed
[!] Server is down
What next?
I searched for the message “Error binding service” as related to Stunnel, and found what I believe the most likely issue is that Windows Firewall may need to be told to allow Stunnel.

However, as was suggested by Jeroen, it is possible that another program is actively listening on port 25. It is possible to know this if you open a command prompt window, run “netstat –ab”, and look for 127.0.0.1:25 in the output. If that ip:port is listed in your output, the line below it will show which program has control of the port. You can configure stunnel and blat to use a different port number rather than port 25, such as port number 125 (I use 8002 for one of my connections).

The rest of this discussion relates to Windows Firewall ---

https://serverfault.com/questions/479031/stunnel-cant-bind-to-0-0-0-0

That answer lead to searching how to open a port in the Windows firewall, under program control:
https://stackoverflow.com/questions/802687/what-api-calls-are-involved-in-opening-a-port-in-the-windows-firewall

This in turn gave https://technet.microsoft.com/en-us/library/cc771046%28v=ws.10%29.aspx#bkmk_addallowedprogram

I started to use the old form for netsh, but Windows complained that I needed to use the newer format:
https://support.microsoft.com/en-us/help/947709/how-to-use-the-netsh-advfirewall-firewall-context-instead-of-the-netsh

Here is what works for my Windows 7 system with Stunnel version 5.43 installed to C:\stunnel directory.

netsh advfirewall firewall add rule name="stunnel (GUI Version)" dir=in action=allow program="C:\stunnel\bin\stunnel.exe" enable=yes
netsh advfirewall firewall add rule name="stunnel (Terminal Version)" dir=in action=allow program="C:\stunnel\bin\tstunnel.exe" enable=yes
--
Chip
ima_itikarai@mineral.gov.pg [blat]
2017-11-13 03:29:50 UTC
Permalink
I placed stunnel in startup so it starts at bootup and remains active everytime.

Ima.



Sent from my Samsung Galaxy smartphone.


-------- Original message --------
From: "'Chip' ***@att.net [blat]" <***@yahoogroups.com>
Date: 13/11/2017 3:39 am (GMT+10:00)
To: ***@yahoogroups.com
Subject: Re: [blat] Installation of Blat
Post by ***@yahoo.com [blat]
Do I need to install the service? It looks as if it also works without the service installed?
The Stunnel installation also leaves an icon on the Desktop. Double clicking this one results in an error, but the email is still working?
If you run stunnel as a service, your job will be a lot easier because you will not need to worry about starting stunnel before you run Blat.

You do not need to keep the desktop shortcut for stunnel, the icon is there so users can start that stunnel program if/when they choose. For your automation, the stunnel desktop shortcut is not needed.
Manfred Winter manfred.g.winter@gmail.com [blat]
2017-11-20 01:40:47 UTC
Permalink
Thanks Jeroen and Chip!

Two steps further ... Lets see if I ever climb the last step of the
ladder ...
First followed Chip's suggestion of running netstat -ab; I stored the
output in a .txt file, and searched for 127.0.0.1:25.
Success!
So lets now find, identify and terminate once and for all the little
bugger ....
Wait:
TCP 127.0.0.1:25 Zenbook:0 LISTENING
[stunnel.exe]

So, its stunnel that prevents stunnel ???

Anyway, I tried Port 8002 next, with success. Emails are successfully sent!
I then checked the Windows Firewall Gui, and found stunnel in the list
of allowed applications for private Networks.
And running stunnel Gui still gives the same error as before.

So, in less words:
stunnel did not work on Port 26 because the port was blocked by ...
stunnel???

Nevertheless stunnel now works using Port 8002, even though netstat now
shows 127.0.0.1:8002 is in use by stunnel.
And Stunnel Gui start produces the same kind of error independent of the
port, or if the application is working or not ...
Also there seems to be an issue with the Firewall, even though stunnel
has already modified the Firewall rules to allow itself.

Something is telling me I'm still far from a solution ...
'Chip' chip.programmer@att.net [blat]
2017-11-20 02:40:14 UTC
Permalink
Post by Manfred Winter ***@gmail.com [blat]
Thanks Jeroen and Chip!
Two steps further ... Lets see if I ever climb the last step of the ladder
...
First followed Chip's suggestion of running netstat -ab; I stored the
output in a .txt file, and searched for 127.0.0.1:25.
Success!
So lets now find, identify and terminate once and for all the little
bugger ....
TCP 127.0.0.1:25 Zenbook:0 LISTENING
[stunnel.exe]
So, its stunnel that prevents stunnel ???
Anyway, I tried Port 8002 next, with success. Emails are successfully
sent! I then checked the Windows Firewall Gui, and found stunnel in the
list of allowed applications for private Networks. And running stunnel Gui
still gives the same error as before.
stunnel did not work on Port 26 because the port was blocked by ...
stunnel???
Nevertheless stunnel now works using Port 8002, even though netstat now
shows 127.0.0.1:8002 is in use by stunnel. And Stunnel Gui start produces
the same kind of error independent of the port, or if the application is
working or not ...
Also there seems to be an issue with the Firewall, even though stunnel has
already modified the Firewall rules to allow itself.
Something is telling me I'm still far from a solution ...
It appears as if you have two instances of stunnel running in that computer.
Can you look for how many places stunnel is installed, and how many
different times it is being loaded?

Run services.msc and make sure Stunnel is listed as a service. If it is
listed, then double click on the name to open the properties window, which
will also tell you where the executable is located.

If there is only one copy of stunnel on the system, and if it is listed in
as a Windows service, then make sure you do not also try to run stunnel.exe
from your application; you do not want them to interfere with each other.

Chip

Continue reading on narkive:
Loading...