Post new topic Reply to topic  [ 10 posts ] 
Author Message
 Post subject: TLS error during SMTP delivery
PostPosted: 2012-02-28 23:49 
New user
New user

Joined: 2012-02-28 23:25
Posts: 2
Hi,
I was using hMailServer 5.4 - 1931 with PostgreSQL 8.4 since months who was running TLS fine,
then I needed to migrate my server, so I used to restore a full backup made in HMailServer, restored
all in the same directories... etc

SSL is working, SSL certificates are good, but during SMTP delivery (ports 25, 465 are open) I have
this error :
Code:
[000.152]       Connected to server
[000.296]    <--    220 mymailserver ESMTP
[000.296]       We are allowed to connect
[000.297]    -->    EHLO mycomputer
[000.438]    <--    250-mymailserver
250-SIZE 20480000
250 AUTH LOGIN
[000.438]       We can use this server
[000.438]       TLS is not an option on this server


As you see, I didn't had this message before restoring all the data, but after restoring
I got it ..
"TLS is not an option on this server"

How can I re-enable TLS support (I checked all the configuration) ?

Best regards,
Thomas


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2012-02-29 00:10 
Developer

Joined: 2010-04-24 23:16
Posts: 5886
Location: Michigan, USA
Thomas,
Perhaps you are confused.. Last I knew hmail had no STARTTLS support. ;)
Bill

_________________
hMailServer build LIVE on my servers: 5.4-B2014011501
Latest test builds: http://www.hmailserver.com/forum/viewtopic.php?f=10&t=21420
Urgent? Bored? JOIN US ON IRC!
DOGE ME: DSqtEcqP3Qv6Tj2XrGNpDmEUkSBcpBsuWk


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2012-02-29 00:14 
Site Admin
User avatar

Joined: 2005-07-29 16:18
Posts: 13792
Location: UK
As Bill says hMail has never supported STARTTLS although i do believe there is a feature request for it somewhere that you can add your vote to.

_________________
If at first you don't succeed, bomb disposal probably isn't for you! ヅ


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2012-02-29 00:16 
Senior user
Senior user
User avatar

Joined: 2005-10-13 21:28
Posts: 2487
Location: Lithuania
Bill48105 wrote:
Thomas,
Perhaps you are confused.. Last I knew hmail had no STARTTLS support. ;)
Bill

If you click on SSL checkbox, you enable TLSv1 service.

hMailServer does not have starttls support. Big five letter difference.


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2012-02-29 00:34 
Developer

Joined: 2010-04-24 23:16
Posts: 5886
Location: Michigan, USA
dzekas wrote:
Bill48105 wrote:
Thomas,
Perhaps you are confused.. Last I knew hmail had no STARTTLS support. ;)
Bill

If you click on SSL checkbox, you enable TLSv1 service.

hMailServer does not have starttls support. Big five letter difference.

Was going by the entire post including the log output shown, clearly it was looking for starttls even though the OP & logs say TLS. ;)

_________________
hMailServer build LIVE on my servers: 5.4-B2014011501
Latest test builds: http://www.hmailserver.com/forum/viewtopic.php?f=10&t=21420
Urgent? Bored? JOIN US ON IRC!
DOGE ME: DSqtEcqP3Qv6Tj2XrGNpDmEUkSBcpBsuWk


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2012-02-29 10:32 
New user
New user

Joined: 2012-02-28 23:25
Posts: 2
Hello guys,

Yeah sorry about the confusion, it was TLSv1 , not STARTTLS, but the problem
is I didn't had this error before restoring full backup.

Using tools like MxToolbox where not showing that before the restore, and since the restore
it says TLS not working.

So it's a normal situation ? Seems weird :(

Thanks !


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2012-02-29 15:21 
Developer

Joined: 2010-04-24 23:16
Posts: 5886
Location: Michigan, USA
How is it communicating then (based on your logs)? It can't start SSL after already connected, that's what starttls does and is for. Btw what are those logs for/from? Definitely not hmail.
Bill

_________________
hMailServer build LIVE on my servers: 5.4-B2014011501
Latest test builds: http://www.hmailserver.com/forum/viewtopic.php?f=10&t=21420
Urgent? Bored? JOIN US ON IRC!
DOGE ME: DSqtEcqP3Qv6Tj2XrGNpDmEUkSBcpBsuWk


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2012-02-29 21:31 
Senior user
Senior user
User avatar

Joined: 2005-10-13 21:28
Posts: 2487
Location: Lithuania
Endorfyine wrote:
As you see, I didn't had this message before restoring all the data, but after restoring
I got it ..
"TLS is not an option on this server"

How can I re-enable TLS support (I checked all the configuration) ?

Set your software to use 465 port. Make sure that SSL is enabled on that port in hMailServer configuration. If your software continues to check for "TLS" on SMTP-over-SSL service, contact them and ask to read SMTP StartTLS specification. They are not supposed to check for ways to enable encryption on encrypted connection and they should not confuse TLS with StartTLS.


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2012-03-01 10:19 
New user
New user
User avatar

Joined: 2008-08-30 15:49
Posts: 14
Endorfyine wrote:
As you see, I didn't had this message before restoring all the data, but after restoring
I got it ..
"TLS is not an option on this server"

How can I re-enable TLS support (I checked all the configuration) ?

Best regards,
Thomas


I had the same problem, and found that I had to re-assign the certificate to the ports.
See settings -> advanced -> TCP/IP ports.

Fred.


Top
 Profile  
 
 Post subject: Re: TLS error during SMTP delivery
PostPosted: 2013-12-30 21:01 
Developer

Joined: 2010-04-24 23:16
Posts: 5886
Location: Michigan, USA
FYI we have partial STARTTLS added to an experimental build & looking for testers:
viewtopic.php?p=156382#p156382

It is true ALPHA & should not be used in production & has known limits/issues:
* Outbound SSL is not working (temporary due to hard-coded function parameter during testing)
* SMTP auto-detect by client sometimes fails due to EHLO response always having STARTTLS string (will be fixed)
* ONLY supports INBOUND SMTP PORT 587 for now (just for testing. User configurable, IMAP/POP & SMTP out scheduled for later)
* Some email clients issue Q then UIT at end of session. Still investigating cause but appears to not cause problems besides occasional error.

In testing STARTTLS we stumbled upon what we believe is potentially a big cause of IOCP crashes/errors people have seen. The fix for the STARTTLS issue could very well help with IOCP errors as well & the hope is it does. Once we get the new build stable enough we'll have people test. I am tempted to post a test experimental without STARTTLS since it's so promising.
Thx
Bill

_________________
hMailServer build LIVE on my servers: 5.4-B2014011501
Latest test builds: http://www.hmailserver.com/forum/viewtopic.php?f=10&t=21420
Urgent? Bored? JOIN US ON IRC!
DOGE ME: DSqtEcqP3Qv6Tj2XrGNpDmEUkSBcpBsuWk


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 10 posts ] 


Who is online

Users browsing this forum: No registered users and 2 guests



Search for:
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group