Posted onby

Stunnel is designed to work as SSL encryption wrapper between remote clients and local or remote servers. To have the direct access to GMail SMTP/POP3 service follow. The stunnel program is an encryption wrapper between a client and a server. It listens on the port specified in its configuration file, encrypts the communitation with the client, and forwards the data to the original daemon listening on its usual port.

This document will explain the procedures for installing and configuring Stunnel, a third-party SSL tunneling client to be used if your SMTP server requires SSL. Stunnel is required for WIN-911 V7 as it does not natively support SSL. We have provided an example Stunnel configuration in this article that will be using Gmail's SMTP server. While we are using Gmail as an example, please be aware that Google enforces sending limits on Gmail accounts. Currently, the limit is 500 emails in a day. If your WIN-911 configuration contains a large number of Email Contacts and/or Alarms, you will need to find an alternative to Gmail.

A. Download and Installing Stunnel

Stunnel 5.40 can be downloaded from the Stunnel website. During the installation process, make sure you enter the proper Organization information. The information creates an SSL certificate. If you skip this step, Stunnel will not function properly.

B. Configure Stunnel


You can use Stunnel to configure any SSL enabled server. As we mentioned in the Introduction, we have provided an example using Gmail.

Stunnel is configured with a text-based configuration file titled stunnel.conf. You can find the file in the directory Stunnel is installed to.

You can also find it from selecting: Start > All Programs > Stunnel > Edit stunnel.conf.

Once you’ve opened the stunnel.conf file in Notepad you’ll be presented with their default configuration.

This configuration is not needed, you will need to remove it by highlighting the text and deleting it. Copy the text below into the blank file:

client = yes
accept =
connect =

Save the configuration and now you can start the Stunnel runtime. If Stunnel was running then you will need to open the Stunnel GUI and select:

Configuration > Reload stunnel.conf from the menu bar.

The accept property is used to specify the host that will accept the connection and the connect property is used to specify the remote host. If you are using a connection other than Gmail, you should only have to change the SMTP connect server and port.

C. Configuring Stunnel as a Windows Service

Install Stunnel as a service by going to:

Start > All Programs > Stunnel > Service Install.

A successful dialog should appear. You can now find Stunnel in your Windows Services list. Set the service to start automatically. We suggest rebooting your system and triggering an alarm after you have WIN-911 and Stunnel working to ensure it is functioning properly.

D. Configure Gmail

In order to send email through Gmail using 3rd party email clients, including WIN-911, you must enable the less secure apps feature. You can do this by logging into the Gmail account you'd like to use and open the Less Secure Apps page.

Once you select the proper access option for less secure apps, you can log out.

Use the following screenshots to configure WIN-911 to use Stunnel.

Follow these SMTP Settings to set up WIN-911

Stunnel Smtp


Stunnel Linux

Follow these Authentication Settings

Restart WIN-911 and test your settings by sending a Manual Message.

Find additional support information at Stunnel.

Technical Support

To create a support case, you will need either your Maintenance Support number or your CD Tracking number. You can create a Case online or contact the product support line: (512)326-1011.

Stunnel is a free and open source SSL encryption wrapper software download filed under servers and made available by Michal Trojnara for Windows.

The review for Stunnel has not been completed yet, but it was tested by an editor here on a PC and a list of features has been compiled; see below.

Stunnel Windows

Adds a layer of SSL encryption between clients and local servers

The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled into the library.

Stunnel Configuration

Stunnel can benefit from FIPS 140-2 validation of the OpenSSL FIPS Object Module, as long as the building process meets its Security Policy. A scanned FIPS 140-2 Validation Certificate document is available for download on the NIST web page. The Windows binary installer is compiled with FIPS 140-2 support. The FIPS mode of operation is no longer enabled by default since stunnel 5.00.

Stunnel is a free software authored by Michal Trojnara. Although distributed under GNU GPL version 2 or later with OpenSSL exception, stunnel is not a community project.

Features and highlights

  • Load sharing among multiple backend servers
  • External session cache (for clusters)
  • Compression (for limited bandwidth)
  • Support for OpenSSL Security Features:
  • Certificate-based access control
  • CRL and OCSP certificate revocation
  • SNI (Server Name Indication) support for name-based virtual servers
  • PFS (Perfect Forward Secrecy) with DH and ECDH key agreement

Stunnel 5.59 on 32-bit and 64-bit PCs

This download is licensed as freeware for the Windows (32-bit and 64-bit) operating system on a laptop or desktop PC from servers without restrictions. Stunnel 5.59 is available to all software users as a free download for Windows. As an open source project, you are free to view the source code and distribute this software application freely.

Filed under:
  1. Stunnel Download
  2. Freeware Servers
  3. Open source and GPL software
  4. SSL Encryption Wrapping Software