goochi Newbie
Joined: 20 September 2010
Online Status: Offline Posts: 4
Posted: 20 September 2010 at 5:40am
Our Postfix server is configured to accept SASL authentication as:
- DIGEST-MD5/CRAM-MD5
- LOGIN/PLAIN, but only over TLS
Directives in main.cf:
smtpd_use_tls = yes
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
On other mail clients TLS works fine, but when I try to send e-mail via WebMail I get an error:
[14:17:32.846] [SMTP] Connecting to server localhost on port 25
[14:17:32.867] [SMTP] <<: 220 mail.domain.eu ESMTP Postfix
[14:17:32.867] [SMTP] >>: EHLO test.eu
[14:17:32.867] [SMTP] <<: 250-mail.domain.eu
[14:17:32.867] [SMTP] <<: 250-PIPELINING
[14:17:32.868] [SMTP] <<: 250-SIZE
[14:17:32.868] [SMTP] <<: 250-VRFY
[14:17:32.868] [SMTP] <<: 250-ETRN
[14:17:32.868] [SMTP] <<: 250-STARTTLS
[14:17:32.868] [SMTP] <<: 250-AUTH DIGEST-MD5 CRAM-MD5
[14:17:32.868] [SMTP] <<: 250-AUTH=DIGEST-MD5 CRAM-MD5
[14:17:32.868] [SMTP] <<: 250-ENHANCEDSTATUSCODES
[14:17:32.868] [SMTP] <<: 250-8BITMIME
[14:17:32.868] [SMTP] <<: 250 DSN
[14:17:32.868] [SMTP] >>: AUTH LOGIN
[14:17:32.868] [SMTP] <<: 535 5.7.8 Error: authentication failed: encryption needed to use mechanism
[14:17:32.868] [SMTP] Error <<: 535 5.7.8 Error: authentication failed: encryption needed to use mechanism
[14:17:32.868] >>>[server_xml]>>>
Does WebMail Lite support STARTTLS in ESMTP dialog?
Igor AfterLogic Support
Joined: 24 June 2008 Location: United States
Online Status: Offline Posts: 6104
Posted: 20 September 2010 at 6:43am
WebMail supports STARTTLS if port 587 is used. If you like, you can modify the code and supply port 25 so that STARTTLS will always be used for it. The relevant code is found in Smtp.cs:
Code:
if (server.Port == 587 && Constants.UseStartTLS)
{
    server.SslMode = SslStartupMode.UseStartTlsIfSupported;
}
Please note that STARTTLS will not be activated if it's not supported by the mail server.
--
Regards,
Igor, AfterLogic Support
rq* Newbie
Joined: 20 September 2010 Location: Lithuania
Online Status: Offline Posts: 21
Posted: 20 September 2010 at 10:01am
While we're at it, are there any plans to introduce STARTTLS support for IMAP and POP3?
rq* Newbie
Joined: 20 September 2010 Location: Lithuania
Online Status: Offline Posts: 21
Posted: 20 September 2010 at 2:03pm
rq* wrote:
While we're at it, are there any plans to introduce STARTTLS support for IMAP and POP3?
Actually, this appears to be fairly easy. It took me just a few hours to make the patches for class_imap.php and for class_pop3.php! :)
rq* Newbie
Joined: 20 September 2010 Location: Lithuania
Online Status: Offline Posts: 21
Posted: 20 September 2010 at 2:25pm
Here's an improved patch for class_pop3.php.
rq* Newbie
Joined: 20 September 2010 Location: Lithuania
Online Status: Offline Posts: 21
Posted: 21 September 2010 at 12:11am
Igor wrote:
WebMail supports STARTTLS if port 587 is used. If you like, you can modify the code and supply port 25 so that STARTTLS will always be used for it. The relevant code is found in Smtp.cs:
Code:
if (server.Port == 587 && Constants.UseStartTLS)
{
    server.SslMode = SslStartupMode.UseStartTlsIfSupported;
}
Please note that STARTTLS will not be activated if it's not supported by the mail server.
Igor, would you please explain why this was enabled only on port 587 by default? I think it makes sense to enable this on all ports.
goochi Newbie
Joined: 20 September 2010
Online Status: Offline Posts: 4
Posted: 21 September 2010 at 2:53am
Igor wrote:
WebMail supports STARTTLS if port 587 is used. If you like, you can modify the code and supply port 25 so that STARTTLS will always be used for it. The relevant code is found in Smtp.cs:
Code:
if (server.Port == 587 && Constants.UseStartTLS)
{
    server.SslMode = SslStartupMode.UseStartTlsIfSupported;
}
Please note that STARTTLS will not be activated if it's not supported by the mail server.
--
Regards,
Igor, AfterLogic Support
Thank you very much, Igor, but I can't find Smtp.cs. Where is it? I found only something like this (line 186 in webmail/common/class_smtp.php):
if (587 == $account->MailOutPort)
{
    $capa = CSmtp::ParseEhlo($out);
    if ($result && in_array('STARTTLS', $capa) && USE_STARTTLS && function_exists('stream_socket_enable_crypto') && CSmtp::StartTLS($link, $log))
    {
        @stream_socket_enable_crypto($link, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
        $result = CSmtp::ExecuteCommand($link, 'EHLO '.$ehloMsg, $log, $out);
        if (!$result)
        {
            $result = CSmtp::ExecuteCommand($link, 'HELO '.$ehloMsg, $log, $out);
        }
    }
}
Is this what you mean? After changing 587 to 25, STARTTLS appears, but I get the following error:
[11:41:19.101] [SMTP] Connecting to server localhost on port 25
[11:41:19.122] [SMTP] <<: 220 mail.test.eu ESMTP Postfix
[11:41:19.122] [SMTP] >>: EHLO test.eu
[11:41:19.122] [SMTP] <<: 250-mail.test.eu
[11:41:19.122] [SMTP] <<: 250-PIPELINING
[11:41:19.122] [SMTP] <<: 250-SIZE
[11:41:19.122] [SMTP] <<: 250-VRFY
[11:41:19.123] [SMTP] <<: 250-ETRN
[11:41:19.123] [SMTP] <<: 250-STARTTLS
[11:41:19.123] [SMTP] <<: 250-AUTH DIGEST-MD5 CRAM-MD5
[11:41:19.123] [SMTP] <<: 250-AUTH=DIGEST-MD5 CRAM-MD5
[11:41:19.123] [SMTP] <<: 250-ENHANCEDSTATUSCODES
[11:41:19.123] [SMTP] <<: 250-8BITMIME
[11:41:19.123] [SMTP] <<: 250 DSN
[11:41:19.123] [SMTP] >>: STARTTLS
[11:41:19.123] [SMTP] <<: 220 2.0.0 Ready to start TLS
[11:41:19.123] [SMTP] >>: EHLO test.eu
[11:41:19.124] [SMTP] <<:
[11:41:19.124] [SMTP] Error: IsSuccess fgets error
[11:41:19.124] [SMTP] >>: HELO podkarpackie.pl
[11:41:19.124] [SMTP] <<:
[11:41:19.124] [SMTP] Error: IsSuccess fgets error
Thanks for your precious help.
Goochi
goochi Newbie
Joined: 20 September 2010
Online Status: Offline Posts: 4
Posted: 21 September 2010 at 3:08am
I found also this in Postfix logs:
Sep 21 11:41:19 mail postfix/smtpd[8955]: warning: TLS library problem: 8955:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:571:
Regards,
Goochi
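An added example (not WebMail's own code, and not written by anyone in this thread) of the client-side decision the two SMTP logs above turn on: with this Postfix policy, AUTH LOGIN may only be sent after a successful STARTTLS upgrade and a fresh EHLO. The function names `parseEhlo`, `nextStep` and `enableTlsOrFail` are hypothetical, the pre-TLS sample reply is taken from the capability lines in the posted log, and the other two replies are constructed.

```php
<?php
// Added example, not WebMail's code. EHLO replies below are constructed:
// $plain mirrors the posted log; $tls is an assumed post-STARTTLS reply.

/** Parse EHLO reply lines into [KEYWORD => [PARAM, ...]]. */
function parseEhlo(array $lines): array
{
    $caps = [];
    foreach (array_slice($lines, 1) as $line) {   // line 0 is the server name
        if (!preg_match('/^250[- ]([A-Za-z0-9-]+)(?:[ =](.*))?$/', rtrim($line), $m)) {
            continue;
        }
        $params = preg_split('/\s+/', strtoupper($m[2] ?? ''), -1, PREG_SPLIT_NO_EMPTY);
        $key = strtoupper($m[1]);
        // "AUTH x" and the legacy "AUTH=x" form merge into one list
        $caps[$key] = array_values(array_unique(array_merge($caps[$key] ?? [], $params)));
    }
    return $caps;
}

/** Next client action for a plaintext mechanism: 'AUTH', 'STARTTLS' or 'ABORT'. */
function nextStep(array $caps, bool $tlsActive, string $mech = 'LOGIN'): string
{
    if (!$tlsActive) {
        // Never send LOGIN/PLAIN credentials in the clear; upgrade or stop.
        return isset($caps['STARTTLS']) ? 'STARTTLS' : 'ABORT';
    }
    return in_array($mech, $caps['AUTH'] ?? [], true) ? 'AUTH' : 'ABORT';
}

/** Upgrade the socket; a failed handshake must end the session. */
function enableTlsOrFail($link): void
{
    if (stream_socket_enable_crypto($link, true, STREAM_CRYPTO_METHOD_TLS_CLIENT) !== true) {
        throw new RuntimeException('TLS handshake failed; refusing to continue in plaintext');
    }
}

$plain = ['250-mail.domain.eu', '250-PIPELINING', '250-STARTTLS',
          '250-AUTH DIGEST-MD5 CRAM-MD5', '250-AUTH=DIGEST-MD5 CRAM-MD5', '250 DSN'];
$tls   = ['250-mail.domain.eu', '250-PIPELINING',
          '250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN', '250 DSN'];
$noTls = ['250-mail.domain.eu', '250-AUTH LOGIN PLAIN', '250 DSN'];

echo 'before TLS:        ', nextStep(parseEhlo($plain), false), "\n";
echo 'after STARTTLS:    ', nextStep(parseEhlo($tls), true), "\n";
echo 'no STARTTLS offer: ', nextStep(parseEhlo($noTls), false), "\n";
```

The snippet quoted from class_smtp.php calls stream_socket_enable_crypto with `@` and does not check its result; `enableTlsOrFail` shows the checked form, which stops the session before a second EHLO can go out unencrypted.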
rq* Newbie
Joined: 20 September 2010 Location: Lithuania
Online Status: Offline Posts: 21
Posted: 21 September 2010 at 3:29am
Hm, I dropped the if-statement in class_smtp.php, and everything works fine for me. Could your setup perhaps be wrong, or maybe there are other changes that interfere?
Here are my diffs:
goochi Newbie
Joined: 20 September 2010
Online Status: Offline Posts: 4
Posted: 22 September 2010 at 2:27am
By the way, does WebMail Lite support anything more than AUTH LOGIN? I mean AUTH CRAM-MD5 or AUTH DIGEST-MD5. How do I configure these settings?
Igor AfterLogic Support
Joined: 24 June 2008 Location: United States
Online Status: Offline Posts: 6104
Posted: 22 September 2010 at 2:43am
The PHP edition of WebMail Lite only supports AUTH LOGIN.
--
Regards,
Igor, AfterLogic Support