Hi,
I have a passbolt server that is no longer able to send mails via SMTP TLS.
The listening mail server (using Postal) listens on port 25 and accepts plain-text connections and TLS connections with LOGIN (username and password).
Passbolt only succeeds in sending mails when using no TLS; as soon as I enable TLS, sending mail fails.
The swaks traces look like this:
=== Trying mail.mydomain.com:25...
=== Connected to mail.mydomain.com.
<- 220 mail.mydomain.com ESMTP Postal/GV6ICJ7B
-> EHLO localhost
<- 250-My capabilities are
<- 250-STARTTLS
<- 250 AUTH CRAM-MD5 PLAIN LOGIN
-> STARTTLS
<- 220 Ready to start TLS
=== TLS started with cipher TLSv1.3:TLS_AES_256_GCM_SHA384:256
=== TLS no local certificate set
=== TLS peer DN="/CN=mail.mydomain.com"
~> EHLO localhost
<~ 250-My capabilities are
<~ 250 AUTH CRAM-MD5 PLAIN LOGIN
~> AUTH LOGIN
...
<~ 235 Granted for mydomain/notify
....
Passbolt tells me (when trying to send the test mail):
The test email could not be sent. Kindly check the logs below for more information
and I get the following log:
[
{
"cmd": null,
"response": [
{
"code": "220",
"message": "mail.mydomain.fr ESMTP Postal/3JDHAWRI"
}
]
},
{
"cmd": "EHLO bolt.mydomain.fr",
"response": [
{
"code": "250",
"message": "My capabilities are"
},
{
"code": "250",
"message": "STARTTLS"
},
{
"code": "250",
"message": "AUTH CRAM-MD5 PLAIN LOGIN"
}
]
},
{
"cmd": "STARTTLS",
"response": [
{
"code": "220",
"message": "Ready to start TLS"
}
]
}
]
Is there any way to get more traces to understand why sending mails with TLS fails?
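
An added example (not part of the original post and not passbolt code): a small Python helper that reads a trace in the JSON shape shown above and reports where the SMTP dialogue stopped. The function names and result labels are assumptions made for illustration.

```python
import json

# Trace copied from the post's passbolt test-email log (compacted).
PASSBOLT_TRACE = json.loads("""[
 {"cmd": null, "response": [
   {"code": "220", "message": "mail.mydomain.fr ESMTP Postal/3JDHAWRI"}]},
 {"cmd": "EHLO bolt.mydomain.fr", "response": [
   {"code": "250", "message": "My capabilities are"},
   {"code": "250", "message": "STARTTLS"},
   {"code": "250", "message": "AUTH CRAM-MD5 PLAIN LOGIN"}]},
 {"cmd": "STARTTLS", "response": [
   {"code": "220", "message": "Ready to start TLS"}]}
]""")

def last_step(trace):
    """Return (verb, accepted, inside_tls) for the final logged step."""
    verb, accepted, inside_tls = "none", False, False
    for step in trace:
        if verb == "STARTTLS" and accepted:
            inside_tls = True  # anything logged after this point ran over TLS
        # A null cmd is the server greeting; label it BANNER (assumed name).
        words = (step.get("cmd") or "").split() or ["BANNER"]
        verb = words[0].upper()
        codes = [r["code"] for r in step.get("response", [])]
        # 2xx/3xx replies mean the server accepted the command.
        accepted = bool(codes) and all(c[:1] in ("2", "3") for c in codes)
    return verb, accepted, inside_tls

def diagnose(trace):
    """Classify where the SMTP dialogue stopped (labels are illustrative)."""
    verb, accepted, inside_tls = last_step(trace)
    if verb == "none":
        return "no_connection"
    if not accepted:
        return f"server_rejected_{verb.lower()}"
    if verb == "STARTTLS":
        # Server answered 220, but no command was logged inside the TLS session.
        return "stopped_during_tls_negotiation"
    return f"reached_{verb.lower()}_{'tls' if inside_tls else 'plain'}"

if __name__ == "__main__":
    print(diagnose(PASSBOLT_TRACE))
```

A trace that ends on an accepted STARTTLS, with nothing logged afterwards, places the failure between the server's 220 and the first command inside the TLS session, which is where the handshake and certificate checks happen, rather than in AUTH.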