Jump to content

5.2.13 no emails sent via SSL with authentication


SimChris

Recommended Posts

Hi, folks

upgraded to 5.2.13 today specifically to get the authenticated email feature, but doesn't appear to be working with the standard settings used by normal email system (e.g., how we log in via Thunderbird to get/send authenticated email on our server).

E.g., admin > Advanced tab

Email = SMTP with SSL

Sender name = store name

Sender's email address = store reply to/send account email (full email@email)

Outgoing SMTP host = mail.ourdomain.xyz

Outgoing SMTP port = 587

Use SMTP authentication = yes

SMTP username = [email protected] (also tried just 'account')

SMTP password = *****

So, none of the following work

1) send lost password

2) create new acct email

3) send test newsletter, of existing test newsletter file

All test emails outbound to external site so not routed internally.

On send of test newsletter with debug on:

PHP:

No Errors or Warnings

Switch back to PHPmail; works first time out.

Note, for our server to send authenticated SSL email, we also have these settings for Thunderbird:

Outgoing Server (SMTP) settings

secure - mail.ourdomain.xyz

server name = mail.ourdomain.xyz

Port: 587

username = [email protected]

Authentication method = Normal password

Connection Security = STARTTLS

I believe on first visit the email client has to "accept a new SSL" cert to create authenticated connection. Obviously the store email cannot do that.

I seem to recall some manual hack to set the SSL to not set a certificate or something? Could this be added as an actual feature or something?

So, obviously I can use the PHPmail for the time being, however I have noticed about one customer a month not getting their receipts due to the non-authenticated email send, and it remains stuck in the outgoing mail queue.

Pointers on this would be awesome. Not a newbie, and not stoopid :-) but this isn't working with the simple settings in the store admin.

Link to comment
Share on other sites

Hi, Al

sorry took me bit to circle back. My own clients pestering me today :-)

I'll test this out tomorrow and let you know; I'll bet that is the culprit.

Some anecdotal about port 587 and STARTTLS for SMTP

https://www.fastmail.fm/help/technical/ssltlsstarttls.html

copied here for reference, for anybody searching forum:

----snip-------

SMTP STARTTLS as an exception

The one real exception to the above is SMTP. However that's for a different reason again. Most email software used SMTP on port 25 to submit messages to the email server for onward transmission to the destination. However, SMTP was originally designed for transfer, not submission. So yet another port (587) was defined for message submission. Although port 587 doesn't mandate requiring STARTTLS, the use of port 587 became popular around the same time as the realisation that SSL/TLS encryption of communications between clients and servers was an important security and privacy issue.

The result is that in most cases, systems that offer message submission over port 587 require clients to use STARTLS to upgrade the connection and also require a username and password to authenticate. There has been an added benefit to this approach as well. By moving users away from using port 25 for email submission, ISPs are now able to block outgoing port 25 connections from users' computers, which were a significant source of spam due to infection with spam-sending viruses.

Currently, things seem relatively randomly split between people using SMTP SSL/TLS encrypted over port 465, and people using SMTP with STARTTLS upgrading over port 587.

-----/snip------------

Chris

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...