Can't send messages through external connections

Hello. I’m pretty much new to the mail servers enviroment. I understand what types of connections there is, what purpose which one serves, pretty much the basics to make it work. The issue is, I have a fresh install of Axigen. Everything is working fine, including WebMail and WebAdmin. I can receive and send messages from WebMail to gmail and outlook with no issues.

My current issue is, other services, as Thunderbird, or for example, trying to send emails from a forum server, can’t connect to my SMTP server through the 465 port. It’s weird, because I can connect from my computer and send commands to my SMTP server through telnet. Watching the logs, it seems that the server just closes the connection after receiving it. I have no clue how to fix it tbh. Any help is well received. Thanks!

Little update: I tried to connect on my VPS with IP 127.0.0.1 through port 465 and Axigen doesn’t seems to respond the request. If I try with port 25, Axigen responds.

Hello,

Could you check (from example from WebAdmin) if there is a listener on port 465 (configured with SSL) configured for SMTP Receiving service? Is it enabled?

SSL listeners could be checked with openssl (and not with telnet), like:

$ openssl s_client -connect 127.0.01:465 -crlf

HTH,
Ioan

Hello, indreias!

Yeah, I found that I wasn’t using the right tool since telnet doesn’t allow secure connections. They day after I did this thread, I used OpenSSL and I was able to connect, so that part was lack of knowledge from my part.

I did some progress since the moment I did this thread. Doing a lot of research, I found that making a wildcard domain and adding a Wildcard SSL Certificate was recommended, so I did it and added that SSL certificate to SMTP Receiving (465 port) and IMAP services. Also, I added a DKIM key to my DNS and I believe that improved my domain security, so my mails are received by Gmail and Hotmail with no issues rn.

I also were able to login from Thunderbird just by changing the authentication method to simple (or something like that, I honestly don’t remember which one).

I’m now facing issues when trying to send mails from my MyBB installation through my SMTP server. The mails are sent and received by SMTP server, but gets rejected and logs with this message:

SSL_accept error:1408F10B:SSL routines:ssl3_get_record:wrong version number

Talking to some MyBB devs, they said that the system would try to send the mail starting from TLS_1.3, to TLS_1.2, and so on until it reaches SSLv3.

If I do a openssl_sclient -connect 127.0.0.1:465, the server receives the connection using the TLS_1.3 protocol, as seen here:

Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: <redacted>
    Session-ID-ctx:
    Resumption PSK: <redacted>
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    ...
    220 mail.retrolifegames.com Axigen ESMTP ready

So, I believe that it is actually receiving SMTP requests, and responding with TLS_1.3. I’m clueless why server it’s rejecting the mail commands from my MyBB installation (and seems to try with SSLv3). Hopefully you can give me a hand with this, also I know this is maybe not entirely an Axigen issue, sorry about that.

Hello, indreias!

Yeah, I found that I wasn’t using the correct tool, I tried with OpenSSL yesterday and it does connect. I actually improved a bit the mailserver, did a Wildcard Certificate and added it to my SMTP and IMAP servers on SSL ports. Also added a DKIM key to my domain, so I think I should have a decent score when sending emails to big mail services (GMail, Hotmail).

Right now, I’m facing issues to send mails from my MyBB forum. SMTP server seems to respond the petition, but it fails and logs this in WebAdmin:

SSL_accept error:1408F10B:SSL routines:ssl3_get_record:wrong version number

Talking to some MyBB developers, they told me that the mail system would try to send mails using protocols from TLS_1.3, TLS_1.2 and so on until it reaches SSLv3. Analything that log, it seems that MyBB is trying to send the mail using SSLv3 instead of TLS_1.3, that is actually received by my SMTP server as seen here:

$ openssl s_client -connect 127.0.0.1:465 -crlf
...
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: <redacted>
    Session-ID-ctx:
    Resumption PSK: <redacted>
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
...
220 mail.retrolifegames.com Axigen ESMTP ready

Also, PHP seems to support that kind of SSL protocol, as seen here:
image

I tried adding some cipher suites on SSL SMTP Receiving service, but had no luck. I know this may not be entirely Axigen issue related, but maybe you can give me some tips where I can start to fix this issue. Thanks a lot.

Hello,

In this case you will allow / adjust the axigen to received multiple protocols.

And this setting to adjust your outgoing

Jay