Unable to send notifications



  • On previous v2.2.x I had e-mail notifications working properly, now I upgraded to v2.3.2, and I get no more mails, but see this in the log:

    /system_advanced_notifications.php: Could not send the message to xxx@xxx.xx -- Error: could not start TLS connection encryption protocol 
    

    The mail server (provided by a zimbra installation) requires STARTTLS at Secure SMTP Connection, and uses PLAIN Notification E-Mail auth mechanism.

    Any idea how to fix?



  • @robi:

    On previous v2.2.x I had e-mail notifications working properly, now I upgraded to v2.3.2, and I get no more mails, but see this in the log:

    /system_advanced_notifications.php: Could not send the message to xxx@xxx.xx -- Error: could not start TLS connection encryption protocol 
    

    The mail server (provided by a zimbra installation) requires STARTTLS at Secure SMTP Connection, and uses PLAIN Notification E-Mail auth mechanism.

    Any idea how to fix?

    First guess would be certificate trust issue.  i.e. pfSense not having CA cert for the cert the email server is using.



  • ???

    It didn't need that before…
    Can't even get it, since the mail sever is managed by a third party...

    Any other tips?



  • @robi:

    ???

    It didn't need that before…
    Can't even get it, since the mail sever is managed by a third party...

    Any other tips?

    Um, yes you've always needed it.  And it's been there.
    But just because it's been there in the past doesn't mean it's there now.

    Get the cert being sent by the email server and look at its trust chain.  If non of its trust chain certs are in "/usr/local/share/certs/ca-root-nss.crt" then it won't work.  From time to time certs get removed/added.  It is possible the cert needed for your email server has been removed.

    Here is some additional info on the subject.
    SSL/TLS Option Breaks My SMTP Notifications
    https://forum.pfsense.org/index.php?topic=115884.0


Log in to reply