cosullivan / SmtpServer

A SMTP Server component written in C#
MIT License

StartTLS connection without auth #124

Closed biancapop closed 4 years ago

biancapop commented 4 years ago

Hello, I need to create a StartTLS connection without authentication for my SMTP server. I tried all the ways you explain in the examples and documentation, even in the issues, but I had no luck. This is my actual code:

VERSION 1:

    var options = new SmtpServerOptionsBuilder()
        .ServerName(listen)
        .Port(port)
        .Port(securePort, isSecure: true)
        .MessageStore(new MessageProcessor(Path.Combine(rootPath, dataFolderName), ini))
        .Certificate(new X509Certificate(cert))
        .Build();
    server = new SmtpServer.SmtpServer(options);

VERSION 2:

    var options = new SmtpServerOptionsBuilder()
        .ServerName(listen)
        .Port(port)
        .Endpoint(builder => builder
            .Port(securePort, true)
            .AuthenticationRequired(false)
            .IsSecure(true)
            .AllowUnsecureAuthentication(true))
        .MessageStore(new MessageProcessor(Path.Combine(rootPath, dataFolderName), ini))
        .Certificate(new X509Certificate(cert))
        .Build();

VERSION 3: This is from your sample app:

    var options = new SmtpServerOptionsBuilder()
        .ServerName(listen)
        .Port(port)
        .Endpoint(endpoint => endpoint
            .Port(27, true)
            .AllowUnsecureAuthentication(false)
            .AuthenticationRequired(false))
        .Certificate(X509Certificate.CreateFromCertFile(cert))
        .MessageStore(new MessageProcessor(Path.Combine(rootPath, dataFolderName), ini))
        .Build();

So when I send an email it just keeps hanging until I get a timeout message. How can I achieve this?

cosullivan commented 4 years ago

Hi @biancapop,

In your configuration where you have .Port(..., true) or if you use .IsSecure(true) set those to false.

Setting those to true means the endpoint is secure by default, in which case it will try to update the connection to SSL when the client connects rather than waiting for the client to issue a STARTTLS command.

Thanks, Cain.
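
An added example, not part of this thread or of the SmtpServer project: a Python probe that tells the two endpoint behaviours described above apart by checking whether a connected socket receives a plaintext 220 greeting and whether the EHLO reply advertises STARTTLS. The function names, the return labels, the `probe.example` host name and the in-process peer used by `demo` are constructed for illustration.

```python
import socket
import threading

def read_reply(f):
    """Read one SMTP reply (single- or multi-line); return (code, text_lines)."""
    lines = []
    while True:
        raw = f.readline()
        if not raw:
            raise ConnectionError("peer closed the connection")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        lines.append(line[4:])
        if line[3:4] != "-":  # "250-" continues the reply, "250 " ends it
            return int(line[:3]), lines

def classify_endpoint(sock, banner_timeout=3.0):
    """Report how an already-connected SMTP socket expects TLS to start."""
    sock.settimeout(banner_timeout)
    with sock.makefile("rb") as f:
        try:
            code, _ = read_reply(f)
        except socket.timeout:
            # Silent after connect: the server is waiting for a TLS ClientHello.
            return "no-banner"
        except (ValueError, OSError):
            return "not-smtp"
        if code != 220:
            return "not-smtp"
        sock.sendall(b"EHLO probe.example\r\n")
        code, ext = read_reply(f)
    # ext[0] is the server's own greeting line; the rest are extension keywords
    keywords = [e.split()[0].upper() for e in ext[1:] if e.split()]
    return "starttls" if code == 250 and "STARTTLS" in keywords else "plaintext-only"

def demo(greeting, ehlo_reply):
    """Classify a constructed in-process peer (socketpair, no network)."""
    client, server = socket.socketpair()
    def peer():
        if greeting:  # greeting=None models a server that stays silent
            server.sendall(greeting)
            server.recv(1024)  # consume the EHLO line
            server.sendall(ehlo_reply)
    threading.Thread(target=peer, daemon=True).start()
    try:
        return classify_endpoint(client, banner_timeout=0.5)
    finally:
        client.close(); server.close()

if __name__ == "__main__":
    print(demo(b"220 mx.example ESMTP\r\n", b"250-mx.example\r\n250 STARTTLS\r\n"), demo(None, b""))
```

Against a real server, pass the result of `socket.create_connection((host, port))` to `classify_endpoint`; a `no-banner` result on a port meant for STARTTLS matches the hang-until-timeout symptom reported in this issue.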

biancapop commented 4 years ago

Hello Cain, thank you very much for your response. So I did what you said and I can now see the STARTTLS command when connecting with telnet, but when I try to send an email the connection ends. I used openssl to debug it and all I get is this message:

    openssl s_client -connect generico.stampymail.com:25 -starttls smtp

    CONNECTED(00000003)
    140249106454416:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 178 bytes and written 324 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
        Protocol : TLSv1.2
        Cipher : 0000
        Session-ID:
        Session-ID-ctx:
        Master-Key:
        Key-Arg : None
        Krb5 Principal: None
        PSK identity: None
        PSK identity hint: None
        Start Time: 1583162027
        Timeout : 300 (sec)
        Verify return code: 0 (ok)
    ---

I have no idea what I am doing wrong... Thank you very much!

cosullivan commented 4 years ago

Hi,

Two things to check, is your X509 certificate a self signed certificate or is it signed by a trusted CA Root?

Also, what environment are you running on? Are you running this on Windows or are you running under Linux?

Thanks, Cain.

biancapop commented 4 years ago

Hello Cain, I run this on Linux and I have a self signed certificate. Thank you! :)

cosullivan commented 4 years ago

Ok, then both of those could potentially be the cause.

Firstly, with the self signed certificate it will most likely be failing validation.

When using self signed certificates you have two choices, adding them as trusted roots to your computer or ignoring the validation errors;

See this in the samples; https://github.com/cosullivan/SmtpServer/blob/master/Src/SampleApp/Examples/SecureServerExample.cs#L17

If you are using .NET Core 3.1 on Linux then this also could be an issue, see this thread; https://github.com/cosullivan/SmtpServer/issues/119

If so I would suggest trying on .NET Core 3 and see if it works firstly on that.

Thanks, Cain.