Exchange online account to hMailServer accout with SSL/TLS

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
ricard99
New user
New user
Posts: 1
Joined: 2019-03-13 16:09

Exchange online account to hMailServer accout with SSL/TLS

Post by ricard99 » 2019-03-13 16:14

Hi,

I’m trying to configure hMailServer with SMTP SSL/TLS to work with office 365. I only need one account (for journaling). The scenario is:

Exchange online:
A journal rule has added to send all emails to example@domain.com (office journaling does not support an internal account)

HMailServer:
example@domian.com has been created

It works perfectly, but if SSL/TLS is activated the following error appears:

"TCPIP" 2472 "2019-03-13 14:55:46.552" "TCP - 104.47.2.54 connected to 192.168.250.50:25."
"DEBUG"2472 "2019-03-13 14:55:46.552""TCP connection started for session 1899"
"DEBUG"2472"2019-03-13 14:55:46.552""Performing SSL/TLS handshake for session 1899. Verify certificate: False"

I have followed the instructions at viewtopic.php?f=12&t=2237

I have made a test and it seems it works fine (openssl s_client -connect 192.168.250.50:25).

The certificate is selfsigned and password from private key removed.

Maybe I’m fighting versus something that is not supported?

Thanks in advance,

Ricard.

User avatar
mattg
Moderator
Moderator
Posts: 19724
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Exchange online account to hMailServer accout with SSL/TLS

Post by mattg » 2019-03-14 03:35

ricard99 wrote:
2019-03-13 16:14
"DEBUG"2472"2019-03-13 14:55:46.552""Performing SSL/TLS handshake for session 1899. Verify certificate: False"
That is NOT an error

That is saying that the certificate was NOT attempted to be verified,
because certificates are rarely verified
because in the real world MANY certificates would fail IF CHECKED

The ONLY time that hMailsevrer TRIES to verify a certificate is when
a) the checkbox in SSL/TLS window in the GUI is set to 'verify remote server SSL/TLS certificates', AND
b) the remote server is set in either a ROUTE or as the SMTP-Relayer

Other remote certificates WILL NEVER BE TESTED for veracity


ALSO that has nothing to do with YOUR certificate, only the remote certificate
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

Post Reply