Steps to reproduce
- Enter settings (in config or via settings) for remote SMTP server
with STARTTLS 587 and required login credentials for authentication. - Try to send test email via the settings page.
Expected behaviour
I receive a test mail.
Actual behaviour
With mail_smtpdebug enabled in the config I get following error message (domains are replaced like «mailprovider.de» as the server of the mail provider and «nextcloud.on.mydomain.com» for the nextcloud instance):
Beim Senden der E-Mail ist ein Problem aufgetreten. Bitte überprüfe Deine Einstellungen. (Fehler: Unable to connect with TLS encryption Log data: ++ Starting Swift_SmtpTransport << 220 smtp1.mailprovider.de ESMTP >> EHLO nextcloud.on.mydomain.com << 250-smtp1.mailprovider.de 250-PIPELINING 250-SIZE 51200000 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN >> STARTTLS << 220 2.0.0 Ready to start TLS !! Unable to connect with TLS encryption (code: 0))
I only get the test mail if I use no encryption.
Server configuration detail
Operating system: Linux 4.4.0-130-generic #156-Ubuntu SMP Thu Jun 14 08:53:28 UTC 2018 x86_64
Webserver: Apache/2.4.38 (Debian) (apache2handler)
Database: mysql 5.7.24
PHP version:
7.3.9
Modules loaded: Core, date, libxml, openssl, pcre, sqlite3, zlib, ctype, curl, dom, fileinfo, filter, ftp, hash, iconv, json, mbstring, SPL, PDO, session, posix, Reflection, standard, SimpleXML, pdo_sqlite, Phar, tokenizer, xml, xmlreader, xmlwriter, mysqlnd, apache2handler, apcu, exif, gd, imagick, intl, ldap, memcached, pcntl, pdo_mysql, pdo_pgsql, redis, sodium, zip, Zend OPcache
Nextcloud version: 16.0.4 — 16.0.4.1
Updated from an older Nextcloud/ownCloud or fresh install:
Where did you install Nextcloud from: Official Docker Image
Signing status
List of activated apps
Enabled:
- accessibility: 1.2.0
- activity: 2.9.1
- calendar: 1.7.0
- cloud_federation_api: 0.2.0
- comments: 1.6.0
- dav: 1.9.2
- federatedfilesharing: 1.6.0
- federation: 1.6.0
- files: 1.11.0
- files_pdfviewer: 1.5.0
- files_rightclick: 0.15.1
- files_sharing: 1.8.0
- files_texteditor: 2.8.0
- files_trashbin: 1.6.0
- files_versions: 1.9.0
- files_videoplayer: 1.5.0
- gallery: 18.3.0
- issuetemplate: 0.5.0
- logreader: 2.1.0
- lookup_server_connector: 1.4.0
- mail: 0.17.0
- nextcloud_announcements: 1.5.0
- notifications: 2.4.1
- oauth2: 1.4.2
- password_policy: 1.6.0
- privacy: 1.0.0
- provisioning_api: 1.6.0
- recommendations: 0.4.0
- serverinfo: 1.6.0
- sharebymail: 1.6.0
- sociallogin: 1.16.7
- spreed: 6.0.4
- support: 1.0.0
- survey_client: 1.4.0
- systemtags: 1.6.0
- theming: 1.7.0
- theming_customcss: 1.3.0
- twofactor_backupcodes: 1.5.0
- updatenotification: 1.6.0
- viewer: 1.1.0
- workflowengine: 1.6.0
Disabled:
- admin_audit
- encryption
- files_external
- firstrunwizard
- user_ldap
Configuration (config/config.php)
{
"htaccess.RewriteBase": "/",
"memcache.local": "\OC\Memcache\APCu",
"apps_paths": [
{
"path": "/var/www/html/apps",
"url": "/apps",
"writable": false
},
{
"path": "/var/www/html/custom_apps",
"url": "/custom_apps",
"writable": true
}
],
"default_language": "de",
"default_locale": "de_DE",
"logtimezone": "Europe/Berlin",
"skeletondirectory": "",
"lost_password_link": "disabled",
"login_form_autocomplete": false,
"sort_groups_by_name": true,
"social_login_auto_redirect": true,
"allow_user_to_change_display_name": false,
"share_folder": "ungeordnete Shares",
"remember_login_cookie_lifetime": 0,
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"nextcloud.on.mydomain.com",
"on.mydomain.com"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "16.0.4.1",
"overwrite.cli.url": "https://nextcloud.on.mydomain.com",
"overwriteprotocol": "https",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"mail_smtpdebug": true,
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpsecure": "tls",
"mail_smtpauth": true,
"mail_smtpauthtype": "LOGIN",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"mail_smtptimeout": 30,
"mail_smtpport": 587
}
Are you using external storage, if yes which one:
Are you using encryption:
Are you using an external user-backend, if yes which one:
Client configuration
Browser: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3338.0 Safari/537.36
Operating system: MAC OS
Logs
Web server error log
/var/log/apache2/error.log
is empty
Nextcloud log
Browser log
POST https://nextcloud.on.mydomain.com/index.php/settings/admin/mailtest 400 (Bad request)
XHR failed loading: POST «https://nextcloud.on.mydomain.com/index.php/settings/admin/mailtest».
I’m trying to send emails via Symfony with Swiftmailer. On the production server I get an error:
[2016-08-20 11:59:37] app.ERROR: Exception occurred while flushing email queue: Unable to connect with TLS encryption [] []
This is what I have in my config.yml:
swiftmailer:
transport: smtp
host: localhost
username: info@derkvanderheide.nl
password: testpw
spool: { type: memory }
encryption: tls
port: 587
Postfix is my mailserver, it was installed with Plesk.
This is my postfix main.cf:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
smtpd_tls_key_file = /etc/ssl/private/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = derkvanderheide.nl
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
mydestination = localdomain, localhost, localhost.localdomain, localhost
relayhost =
mynetworks =
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
transport_maps = , hash:/var/spool/postfix/plesk/transport
smtpd_tls_security_level = encrypt
smtp_tls_security_level = may
smtp_use_tls = yes
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:30
virtual_gid_maps = static:31
smtpd_milters = , inet:127.0.0.1:12768
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
virtual_mailbox_limit = 0
smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
smtpd_tls_ciphers = medium
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = HIGH:!aNULL:!MD5
message_size_limit = 10240000
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
This is the output from telnet:
Trying 185.57.10.237...
Connected to derkvanderheide.nl.
Escape character is '^]'.
220 derkvanderheide.nl ESMTP Postfix (Ubuntu)
ehlo localhost
250-derkvanderheide.nl
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
This is in my maillog:
Aug 20 17:06:35 vps-248826-4222 postfix/smtpd[8592]: connect from vps-248826-4222.hosted.at.hostnet.nl[127.0.0.1]
Aug 20 17:06:35 vps-248826-4222 postfix/smtpd[8592]: SSL_accept error from vps-248826-4222.hosted.at.hostnet.nl[127.0.0.1]: 0
Aug 20 17:06:35 vps-248826-4222 postfix/smtpd[8592]: warning: TLS library problem: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1262:SSL alert number 48:
Aug 20 17:06:35 vps-248826-4222 postfix/smtpd[8592]: lost connection after STARTTLS from vps-248826-4222.hosted.at.hostnet.nl[127.0.0.1]
Aug 20 17:06:35 vps-248826-4222 postfix/smtpd[8592]: disconnect from vps-248826-4222.hosted.at.hostnet.nl[127.0.0.1]
I have barely any clue what I’m doing, this is my first time messing around with a mail server.
Действия по воспроизведению
- Введите настройки (в конфигурации или через настройки) для удаленного SMTP-сервера
с STARTTLS 587 и необходимыми учетными данными для аутентификации. - Попробуйте отправить тестовое письмо через страницу настроек.
Ожидаемое поведение
Я получаю тестовое письмо.
Фактическое поведение
Когда в конфигурации включен mail_smtpdebug, я получаю следующее сообщение об ошибке (домены заменяются на «mailprovider.de» в качестве сервера почтового провайдера и «nextcloud.on.mydomain.com» для экземпляра nextcloud):
Beim Senden der E-Mail ist ein Problem aufgetreten. Bitte überprüfe Deine Einstellungen. (Фелер: невозможно подключиться с шифрованием TLS Данные журнала: ++ Запуск Swift_SmtpTransport << 220 smtp1.mailprovider.de ESMTP >> EHLO nextcloud.on.mydomain.com << 250-smtp1.mailprovider.de 250-PIPELINING 250-SIZE 51200000 250-ETRN 250-STARTTLS 250-AUTH ОБЫЧНЫЙ ВХОД 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN >> STARTTLS << 220 2.0.0 Готов к запуску TLS !! Невозможно подключиться с шифрованием TLS (код: 0))
Я получаю тестовое письмо только в том случае, если я не использую шифрование.
Детали конфигурации сервера
Операционная система: Linux 4.4.0-130-generic # 156-Ubuntu SMP Чт, 14 июня, 08:53:28 UTC 2018 x86_64
Веб-сервер : Apache / 2.4.38 (Debian) (apache2handler)
База данных: mysql 5.7.24
Версия PHP:
7.3.9
Загруженные модули: Core, date, libxml, openssl, pcre, sqlite3, zlib, ctype, curl, dom, fileinfo, filter, ftp, hash, iconv, json, mbstring, SPL, PDO, session, posix, Reflection, standard, SimpleXML , pdo_sqlite, Phar, tokenizer, xml, xmlreader, xmlwriter, mysqlnd, apache2handler, apcu, exif, gd, imagick, intl, ldap, memcached, pcntl, pdo_mysql, pdo_pgsql, redis, натрия, zip, Zend OPcache
Версия Nextcloud: 16.0.4 — 16.0.4.1
Обновлено из более старой версии Nextcloud / ownCloud или из новой установки:
Откуда вы установили Nextcloud: Официальный образ Docker
Статус подписиСписок активированных приложений
Enabled:
- accessibility: 1.2.0
- activity: 2.9.1
- calendar: 1.7.0
- cloud_federation_api: 0.2.0
- comments: 1.6.0
- dav: 1.9.2
- federatedfilesharing: 1.6.0
- federation: 1.6.0
- files: 1.11.0
- files_pdfviewer: 1.5.0
- files_rightclick: 0.15.1
- files_sharing: 1.8.0
- files_texteditor: 2.8.0
- files_trashbin: 1.6.0
- files_versions: 1.9.0
- files_videoplayer: 1.5.0
- gallery: 18.3.0
- issuetemplate: 0.5.0
- logreader: 2.1.0
- lookup_server_connector: 1.4.0
- mail: 0.17.0
- nextcloud_announcements: 1.5.0
- notifications: 2.4.1
- oauth2: 1.4.2
- password_policy: 1.6.0
- privacy: 1.0.0
- provisioning_api: 1.6.0
- recommendations: 0.4.0
- serverinfo: 1.6.0
- sharebymail: 1.6.0
- sociallogin: 1.16.7
- spreed: 6.0.4
- support: 1.0.0
- survey_client: 1.4.0
- systemtags: 1.6.0
- theming: 1.7.0
- theming_customcss: 1.3.0
- twofactor_backupcodes: 1.5.0
- updatenotification: 1.6.0
- viewer: 1.1.0
- workflowengine: 1.6.0
Disabled:
- admin_audit
- encryption
- files_external
- firstrunwizard
- user_ldap
Конфигурация (config / config.php)
{
"htaccess.RewriteBase": "/",
"memcache.local": "\OC\Memcache\APCu",
"apps_paths": [
{
"path": "/var/www/html/apps",
"url": "/apps",
"writable": false
},
{
"path": "/var/www/html/custom_apps",
"url": "/custom_apps",
"writable": true
}
],
"default_language": "de",
"default_locale": "de_DE",
"logtimezone": "Europe/Berlin",
"skeletondirectory": "",
"lost_password_link": "disabled",
"login_form_autocomplete": false,
"sort_groups_by_name": true,
"social_login_auto_redirect": true,
"allow_user_to_change_display_name": false,
"share_folder": "ungeordnete Shares",
"remember_login_cookie_lifetime": 0,
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"nextcloud.on.mydomain.com",
"on.mydomain.com"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "16.0.4.1",
"overwrite.cli.url": "https://nextcloud.on.mydomain.com",
"overwriteprotocol": "https",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"mail_smtpdebug": true,
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpsecure": "tls",
"mail_smtpauth": true,
"mail_smtpauthtype": "LOGIN",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"mail_smtptimeout": 30,
"mail_smtpport": 587
}
Вы используете внешнее хранилище, если да, то какое:
Вы используете шифрование:
Вы используете внешний пользовательский бэкэнд, если да, то какой:
Конфигурация клиента
Браузер: Mozilla / 5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit / 537.36 (KHTML, например Gecko) Chrome / 66.0.3338.0 Safari / 537.36
Операционная система: MAC OS
Журналы
Журнал ошибок веб-сервера
/var/log/apache2/error.log
is empty
Журнал Nextcloud
is empty
Журнал браузера
POST https://nextcloud.on.mydomain.com/index.php/settings/admin/mailtest 400 (неверный запрос)
Ошибка загрузки XHR: POST «https://nextcloud.on.mydomain.com/index.php/settings/admin/mailtest».
-
#1
Hi,
i am connect mandrill as 587 TLS
but i cant connect my mail servers as TLS
i setup many servers before like this (mailinabox, plesk, virtualmin) and i connect always. but today i cant connect.
sorry my english.
i did http://stackoverflow.com/questions/17281669/using-smtp-gmail-and-starttls
i got 220 2.0.0 Ready to start TLS
Code:
Unable to connect with TLS encryption
Log data:
++ Starting Swift_SmtpTransport
<< 220 mail.example.com ESMTP Postfix (Ubuntu)
>> EHLO example.com
<< 250-mail.example.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
>> STARTTLS
<< 220 2.0.0 Ready to start TLS
!! Unable to connect with TLS encryptionapplication logs
Code:
#0 /var/www/example.com/htdocs/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('backend/index.p...')
#1 /var/www/example.com/htdocs/apps/common/framework/base/CApplication.php(184): CWebApplication->processRequest()
#2 /var/www/example.com/htdocs/apps/init.php(196): CApplication->run()
#3 /var/www/example.com/htdocs/index.php(18): require_once('/var/www/postag...')
#4 {main}
REQUEST_URI=/backend/index.php/dashboard/unsubscribe_growth
HTTP_REFERER=http://example.com/backend/
---
2015/05/08 09:20:34 [error] [exception.CHttpException.404] exception 'CHttpException' with message '"backend/index.php/delivery-servers/index" isteği çözümlenemedi.' in /var/www/example.com/htdocs/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /var/www/example.com/htdocs/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('backend/index.p...')
#1 /var/www/example.com/htdocs/apps/common/framework/base/CApplication.php(184): CWebApplication->processRequest()
#2 /var/www/example.com/htdocs/apps/init.php(196): CApplication->run()
#3 /var/www/example.com/htdocs/index.php(18): require_once('/var/www/postag...')
#4 {main}
REQUEST_URI=/backend/index.php/delivery-servers/index
HTTP_REFERER=http://example.com/backend/
---
2015/05/08 09:20:37 [error] [exception.CHttpException.404] exception 'CHttpException' with message '"backend/index.php/delivery-servers/index" isteği çözümlenemedi.' in /var/www/example.com/htdocs/apps/common/framework/web/CWebApplication.php:286
Stack trace:
#0 /var/www/example.com/htdocs/apps/common/framework/web/CWebApplication.php(141): CWebApplication->runController('backend/index.p...')
#1 /var/www/example.com/htdocs/apps/common/framework/base/CApplication.php(184): CWebApplication->processRequest()
#2 /var/www/example.com/htdocs/apps/init.php(196): CApplication->run()
#3 /var/www/example.com/htdocs/index.php(18): require_once('/var/www/postag...')
#4 {main}
REQUEST_URI=/backend/index.php/delivery-servers/index
HTTP_REFERER=http://example.com/backend/Last edited: May 17, 2015
-
#2
Hey,
Why don’t you use Mandrill WEB API implementation when creating a delivery server instead of SMTP ?
This will avoid this issue with your server
Thanks.
-
#3
mandrill is working. my problem is my smtp servers. i cant explain. i setup many email servers and working before. but today is not connected. i got error like in my first post.
-
#4
Ah,
Sorry, i missed that point.
I am not sure but seems to be somehow a mismatch of tls protocol, never got this error before so i am not sure how much i can help given it’s not a mailwizz error.
Did you do any updates on your server lately?
What PHP version are you suing? Have you tried upgrading it?
I’m just shooting blanks here…
-
#5
PHP 5.6.8-1+deb.sury.org~trusty+1 (cli)
yes i upgrade server on same hosting company. which is vultr.com
i am using still easyengine
-
#6
yeah, beats me, no idea for now.
maybe you can try stackoverflow.com for a question related to this issue?
-
#8
i fix it but why occurred ? i wonder.
same setup mail servers and nothing update web server. all things are same but one day i got this error.
-
#9
@selcuk akbas — It’s not related to mailwizz, it’s about what you did on your server or on your smtp server.