Author Topic: SMTP TLS or SSL not working  (Read 1128 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
SMTP TLS or SSL not working
« on: May 14, 2020, 01:10:28 PM »
Hello,

I have tried to connect my email on gmail, but gmail can't connect through TLS or SSL ports, I. had to use no certificate and connect it on port 25, until then it worked. However, I would like to know how can I connect it normally with TLS or SSL.

My hostname is set and I have A records for it. I have also installed certificate and it should be working fine.

Offline
***
Re: SMTP TLS or SSL not working
« Reply #1 on: May 14, 2020, 01:23:28 PM »
Gmail is tempermental to say the least.  I have to connect via TLS to the hostname, as google doesn't not send the "Servername" with the connections for SANS to work.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: SMTP TLS or SSL not working
« Reply #2 on: May 14, 2020, 03:01:24 PM »
I even tried to do this by connecting smtp in wordpress, but I still can't I had to do it through port 25. Do you have any idea or suggestion on how to fix this?

Also another issue, the email sending through smtp is really slow, but when I send directly from roundcloud, then its faster

Offline
***
Re: SMTP TLS or SSL not working
« Reply #3 on: May 14, 2020, 03:19:39 PM »
Make sure the firewall is open.  As for slow sending, roindcube uses phpmail, whole clients have to route through postfix.  Bit it shouldn't take too long unless there is an issue.
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: SMTP TLS or SSL not working
« Reply #4 on: May 14, 2020, 04:07:49 PM »
I can see the port 465 is listed in TCP IN, but not in OUT. Could that be the issue?

What else should i check in the firewall?

Offline
*
Re: SMTP TLS or SSL not working
« Reply #5 on: May 14, 2020, 04:25:41 PM »
From google i get this error:

Server returned error: "TLS Negotiation failed, the certificate doesn't match the host., code: 0"

Offline
***
Re: SMTP TLS or SSL not working
« Reply #6 on: May 14, 2020, 08:01:24 PM »
What "mail servers" are you using?  Hostname, or mail.domain.com
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: SMTP TLS or SSL not working
« Reply #7 on: May 14, 2020, 11:10:27 PM »
I am using hostname, in my case its panel.domain.com

Offline
***
Re: SMTP TLS or SSL not working
« Reply #8 on: May 14, 2020, 11:32:53 PM »
So you "Hostname" is panel.domain.com?

In my example:
Hostname: server3.schaffner.org
domain: schaffner.org
in gmail, I can't use mail.schaffner.org, as GM doesn't forward a "ServerName" request.  I have to use server3.schaffner.org as both incoming and outgoing, as postfix's default ssl certificate (NON SANS) is the hostname cert
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: SMTP TLS or SSL not working
« Reply #9 on: May 15, 2020, 08:15:00 AM »
in my example:
domain: uxiology.com
hostname: panel.uxiology.com
with gmail i use panel.uxiology.com
but i use non secured connection with port 25. I am trying to optimize it to go with secured connection

Offline
***
Re: SMTP TLS or SSL not working
« Reply #10 on: May 15, 2020, 08:19:46 AM »
openssl s_client -showcerts -connect panel.uxiology.com:995
openssl s_client -showcerts -connect panel.uxiology.com:465

check the output of the above 2 commands.   Specifically look at the Cert Name info
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: SMTP TLS or SSL not working
« Reply #11 on: May 15, 2020, 08:34:44 AM »
i get the following for both commands:
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits

Offline
***
Re: SMTP TLS or SSL not working
« Reply #12 on: May 15, 2020, 08:44:01 AM »
 Verify return code: 18 (self signed certificate)

Can't be self signed with Crapgle.

Goto "Change Hostname" and make sure autossl is selected to get a cert from LetsEncrypt
Google Hangouts:  rcschaff82@gmail.com

Offline
*
Re: SMTP TLS or SSL not working
« Reply #13 on: May 15, 2020, 10:05:14 AM »
I have checked the return code and it says (0)

I also checked the page in hostname and it shows every checkbox is selected, you can see the image below.

https://imgur.com/U7AOaB0

As for lets encrypt certificates, I'm seeing the following:

https://imgur.com/DyIkPbi

Offline
***
Re: SMTP TLS or SSL not working
« Reply #14 on: May 15, 2020, 10:24:35 AM »
grep "Error" /root/.acme.sh/cwp_certs/acme.sh.log

grep "panel.uxiology.com" /root/.acme.sh/cwp_certs/acme.sh.log

acme.sh --config-home /root/.acme.sh/cwp_certs/ --list
« Last Edit: May 15, 2020, 10:27:42 AM by rcschaff »
Google Hangouts:  rcschaff82@gmail.com