Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Setting up e-mail notifications under pfSense 23.01

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 3 Posters 642 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      highc
      last edited by highc

      Hi, just moved to a new SG2100. Trying to setup e-mail notifications to my own mail server. The data used previously (pfSense 2.6) doesn't work anymore...

      This is what I have from the old box:

      - <notifications>
- <smtp>
  <ipaddress>mail.sample.com</ipaddress> 
  <port>587</port> 
  <timeout /> 
  <notifyemailaddress>info@example.com</notifyemailaddress> 
- <username>
- <![CDATA[ xxx@example.com
  ]]> 
  </username>
  <authentication_mechanism>LOGIN</authentication_mechanism> 
  <fromaddress>xxx@example.com</fromaddress> 
- <password>
- <![CDATA[ xxx
  ]]> 
  </password>
  </smtp>
  </notifications>

      When I use this with the new 23.01 box, I'm getting an error.

      pfSense error:

      Could not send the message to info@example.com -- Error: Failed to set sender: pfsense@firewall.example.com [SMTP: Invalid response code received from server (code: 530, response: 5.7.0 Must issue a STARTTLS command first)]

      mail server (postfix) log:

      May  6 10:17:59 postamt postfix/smtpd[76434]: connect from firewall.example.com[172.16.0.1]
May  6 10:17:59 postamt postfix/smtpd[76434]: disconnect from firewall.example.com[172.16.0.1] ehlo=1 mail=0/1 rset=0/1 quit=1 commands=2/4

      How do I get pfSense to initiate STARTTLS? To my knowledge, this needs to be initiated by the connecting client.

      Thanks!

      (Edit: Found a workaround by using port 465. Still wonder how to get STARTTLS on port 587 working with pfSense)

      pfSense+ 24.03 on Netgate SG-2100 (replaced SG-2440)
      pfSense 2.6 on Super Micro 5018D-FN4T (retired)

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @highc
        last edited by

        @highc Enable the Secure SMTP Connection option. https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html says that will use it. Tbh, I sometimes have trouble getting it to connect to some mail servers and just try a bunch of options…

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        H 1 Reply Last reply Reply Quote 0
        • H
          highc @SteveITS
          last edited by

          @steveits said in Setting up e-mail notifications under pfSense 23.01:

          https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html

          Thanks for looking into this and getting back to me on a weekend. With this option activated, I am getting a different error:

          Could not send the message to xxx@example.com -- Error: Failed to connect to ssl://xxx.example.com:587 [SMTP: Failed to connect socket: fsockopen(): Unable to connect to ssl://xxx.example.com:587 (Unknown error) (code: -1, response: )]

          Related mail server log:

          May  6 15:03:04 postamt postfix/smtpd[85109]: connect from firewall.example.com[172.16.0.1]
May  6 15:03:04 postamt postfix/smtpd[85109]: lost connection after UNKNOWN from firewall.example.com[172.16.0.1]
May  6 15:03:04 postamt postfix/smtpd[85109]: disconnect from firewall.example.com[172.16.0.1] unknown=0/1 commands=0/1

          Same error, if I switch from LOGIN to PLAIN.

          I will just not worry about this any further and go ahead with port 465.

          fe7beb21-a79f-4543-b3f8-1fd580b59c0d-image.png

          Thanks again!

          pfSense+ 24.03 on Netgate SG-2100 (replaced SG-2440)
          pfSense 2.6 on Super Micro 5018D-FN4T (retired)

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            What's the email server you're trying to connect to? How is it configured? What connection type does it expect?

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.