LL:NG 2.0.8 SMTP mail FAILs to send; other webapps & standalone Net::SMTP+IO::Socket::SSL perl test script WORK
Using perl mods
Net::SMTP;
IO::Socket::SSL;
this standalone perl script,
cat ./mail-test.pl
#!/usr/bin/perl -w
use warnings;
use strict;
use Net::SMTP;
use IO::Socket::SSL;
my $mailsender = 'testuser@example2.com';
my $smtpuser = 'testuser@example2.com';
my $smtppassword = 'changeMe';
my $mailrcpt = 'testuser@example2.com';
my $smtp = Net::SMTP->new(
Debug => 1,
Timeout => 10,
Host => 'int.mx2.example.com',
Port => 50465,
SSL => 1,
LocalAddr => '10.0.1.30',
SendHello => 1,
Hello => 'int.mx1.example.com',
SSL_hostname => 'int.mx2.example.com',
SSL_client_ca_file => '/srv/ssl/myCA.crt',
SSL_ca_file => '/srv/ssl/myCA.crt',
SSL_cert_file => '/srv/ssl/int.mx1.example.com.client.EC.crt',
SSL_key_file => '/srv/ssl/int.mx1.example.com.client.EC.key',
SSL_cipher_list => 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256',
SSL_version => 'TLSv1_2',
SSL_honor_cipher_order => 1,
);
die "Could not connect to server!\n" unless $smtp;
$smtp->auth($smtpuser, $smtppassword);
$smtp->mail($mailsender);
$smtp->to($mailrcpt);
$smtp->data();
$smtp->datasend("To: testuser\@example2.com\n");
$smtp->quit;
on exec from the LL:NG host,
./mail-test.pl
works perfectly, sending mail via my target submission server; mail is delivered/received; @ console,
Net::SMTP::_SSL>>> Net::SMTP::_SSL
Net::SMTP::_SSL>>> IO::Socket::SSL(2.068)
Net::SMTP::_SSL>>> IO::Socket::IP(0.39)
Net::SMTP::_SSL>>> IO::Socket(1.40)
Net::SMTP::_SSL>>> IO::Handle(1.40)
Net::SMTP::_SSL>>> Exporter(5.74)
Net::SMTP::_SSL>>> Net::SMTP(3.11)
Net::SMTP::_SSL>>> Net::Cmd(3.11)
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 220 int.mx2.example.com Dovecot ready.
Net::SMTP::_SSL=GLOB(0x556fd9b74328)>>> EHLO int.mx1.example.com
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250-int.mx2.example.com
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250-8BITMIME
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250-AUTH PLAIN
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250-BURL imap
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250-CHUNKING
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250-ENHANCEDSTATUSCODES
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250-SIZE
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250 PIPELINING
Net::SMTP::_SSL=GLOB(0x556fd9b74328)>>> AUTH PLAIN 5jb20AdGVzdHBYmxha2Vygkl7o95kjhgb2dpYyhc3N0ZXN0cGFzcwoi7jhgGHFGlkyfjxha2Vyc0Bj==
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 235 2.7.0 Logged in.
Net::SMTP::_SSL=GLOB(0x556fd9b74328)>>> MAIL FROM:<testuser@example2.com>
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250 2.1.0 Ok
Net::SMTP::_SSL=GLOB(0x556fd9b74328)>>> RCPT TO:<testuser@example2.com>
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250 2.1.5 Ok
Net::SMTP::_SSL=GLOB(0x556fd9b74328)>>> DATA
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 354 OK
Net::SMTP::_SSL=GLOB(0x556fd9b74328)>>> To: testuser@example2.com
Net::SMTP::_SSL=GLOB(0x556fd9b74328)>>> .
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 250 2.0.0 Ok: queued as 4Bbj8J5QL5z7tx1
Net::SMTP::_SSL=GLOB(0x556fd9b74328)>>> QUIT
Net::SMTP::_SSL=GLOB(0x556fd9b74328)<<< 221 2.0.0 Bye
translating those^^ config params to
cat lmConf-1.yaml
mailFrom: testuser@example2.com
mailReplyTo: testuser@example2.com
SMTPAuthUser: 'testuser@example2.com'
SMTPAuthPass: 'changeMe'
SMTPServer: 10.50.4.65
SMTPPort: 50465
SMTPTLS: ssl
SMTPTLSOpts:
SSL_hostname: int.mx2.example.com
SSL_client_ca_file: /srv/ssl/myCA.crt
SSL_ca_file: /srv/ssl/myCA.crt
SSL_cert_file: /srv/ssl/int.mx1.example.com.client.EC.crt
SSL_key_file: /srv/ssl/int.mx1.example.com.client.EC.key
SSL_cipher_list: 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256'
SSL_version: 'TLSv1_2'
SSL_honor_cipher_order: 1
on exec of LL:NG 2.0.8's password reset 'Send me a link', send FAILs
2020/08/25 14:51:36 LLNG[4615] DEBUG: SMTP HTML flag on
2020/08/25 14:51:36 LLNG[4615] DEBUG: SMTP Reply-To testuser@example2.com
2020/08/25 14:51:36 LLNG[4615] ERROR: Send message failed: unable to establish SMTP connection to (10.50.4.65) port 50465
Trace begun at /usr/share/perl5/vendor_perl/Email/Sender/Transport/SMTP.pm line 224
Email::Sender::Transport::SMTP::_throw('Email::Sender::Transport::SMTP=HASH(0x43b62c8)', 'unable to establish SMTP connection to (10.50.4.65) port 50465') called at /usr/share/perl5/vendor_perl/Email/Sender/Transport/SMTP.pm line 174
Email::Sender::Transport::SMTP::_smtp_client('Email::Sender::Transport::SMTP=HASH(0x43b62c8)') called at /usr/share/perl5/vendor_perl/Email/Sender/Transport/SMTP.pm line 233
Email::Sender::Transport::SMTP::send_email('Email::Sender::Transport::SMTP=HASH(0x43b62c8)', 'Email::Abstract=ARRAY(0x43b87b8)', 'HASH(0x43c8e38)') called at /usr/share/perl5/vendor_perl/Email/Sender/Role/CommonSending.pm line 45
Email::Sender::Role::CommonSending::try {...} at /usr/share/perl5/vendor_perl/Try/Tiny.pm line 102
eval {...} at /usr/share/perl5/vendor_perl/Try/Tiny.pm line 93
Try::Tiny::try('CODE(0x432b798)', 'Try::Tiny::Catch=REF(0x43c5d70)') called at /usr/share/perl5/vendor_perl/Email/Sender/Role/CommonSending.pm line 58
Email::Sender::Role::CommonSending::send('Email::Sender::Transport::SMTP=HASH(0x43b62c8)', 'Email::Abstract=ARRAY(0x43b87b8)', 'HASH(0x432b390)') called at /usr/share/perl5/vendor_perl/Email/Sender/Simple.pm line 119
...
with server-side logs,
2020-08-25 14:51:36 auth: Debug: auth client connected (pid=13828)
2020-08-25 14:51:36 submission-login: Debug: smtp-server: conn 10.0.1.30:51848 [1]: Connection created
2020-08-25 14:51:36 submission-login: Debug: smtp-server: conn 10.0.1.30:51848 [1]: Sent: 220 int.mx2.example.com Dovecot ready.
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x10, ret=1: before SSL initialization
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2002, ret=-1: before SSL initialization
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS read client hello
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write server hello
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write certificate
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write key exchange
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write certificate request
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2001, ret=1: SSLv3/TLS write server done
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2002, ret=-1: SSLv3/TLS write server done
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2002, ret=-1: SSLv3/TLS write server done
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2002, ret=-1: SSLv3/TLS write server done
2020-08-25 14:51:36 submission-login: Debug: SSL alert: where=0x4004, ret=592: fatal internal error
2020-08-25 14:51:36 submission-login: Debug: SSL: where=0x2002, ret=-1: error
2020-08-25 14:51:36 submission-login: Debug: SSL error: SSL_accept() failed: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error: SSL alert number 80
2020-08-25 14:51:36 submission-login: Debug: smtp-server: conn 10.0.1.30:51848 [1]: Disconnected: Read failure
2020-08-25 14:51:36 submission-login: Debug: smtp-server: conn 10.0.1.30:51848 [1]: Connection state reset
==> /var/log/dovecot/dovecot.log <==
2020-08-25 14:51:36 submission-login: Error: smtp-server: conn 10.0.1.30:51848 [1]: Connection lost: read((conn:10.0.1.30:51848,id=1)) failed: SSL_accept() failed: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error: SSL alert number 80
==> /var/log/dovecot/dovecot-info.log <==
2020-08-25 14:51:36 submission-login: Info: Read failure: user=<>, rip=10.0.1.30, lip=10.50.4.65, TLS handshaking: SSL_accept() failed: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error: SSL alert number 80
==> /var/log/dovecot/dovecot-debug.log <==
2020-08-25 14:51:36 submission-login: Debug: smtp-server: conn 10.0.1.30:51848 [1]: Connection destroy
2020-08-25 14:51:36 submission-login: Debug: smtp-server: conn 10.0.1.30:51848 [1]: Disconnected: Connection closed (fd=-1)
...
To test further, I've deployed instances of
Keycloak
Gluu
Privacy-Idea
all of which are able to send reset/notification emails, via my configured, target submission server