Closed rabin-io closed 6 years ago
mludvig
commented
6 years ago I suspect your openssl library or perl ssl modules don’t support TLS 1.1/1.2. Does this work?
openssl s_client -connect 1.2.3.4:25What are your versions of openssl and of IO::Socket::SSL and Net::SSLeay perl modules?
Any chance I can test against your 1.2.3.4:25?
rabin-io
commented
6 years ago The above command fails as port 25 is just a clear text, but running this commad works
openssl s_client -connect testmx.rabin.io:25 -starttls smtpyou can test it your self.
mludvig
commented
6 years ago I see. Don't use --ssl with smtp-cli then, let it do STARTTLS (which is a default) and you'll be set:
~ $ smtp-cli --server testmx.rabin.io --verbose
Connection from 172.31.174.91:52090 to 192.115.4.132:25
[220] 'mx.isoc.org.il Microsoft ESMTP MAIL Service ready'
> EHLO localhost
[250] 'mx.isoc.org.il'
[250] 'PIPELINING'
[250] 'SIZE 204800000'
[250] 'ETRN'
[250] 'STARTTLS'
[250] 'ENHANCEDSTATUSCODES'
[250] '8BITMIME'
[250] 'DSN'
Starting TLS...
> STARTTLS <=== here it automatically starts TLS and connection gets encrypted
[220] '2.0.0 Ready to start TLS'
Using cipher: ECDHE-RSA-AES128-SHA256 <=== see, it's using encryption
Subject Name: /CN=mx3.isoc.org.il
Issuer Name: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
> EHLO localhost
[250] 'mx.isoc.org.il'
[250] 'PIPELINING'
[250] 'SIZE 204800000'
[250] 'ETRN'
[250] 'AUTH PLAIN LOGIN'
[250] 'AUTH=PLAIN LOGIN'
[250] 'ENHANCEDSTATUSCODES'
[250] '8BITMIME'
[250] 'DSN'
> QUIT
[221] '2.0.0 Bye'Hope that helps.
rabin-io
commented
6 years ago Thanks for the clarification.
Trying to send the mail via mail relay which only support 1.1 & 1.2 TLS fails with this message,
running this command: