• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Email Notifications Not Working with SSL/TLS Checked

Scheduled Pinned Locked Moved General pfSense Questions
3 Posts 2 Posters 3.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    digm
    last edited by Apr 7, 2013, 1:14 AM Apr 7, 2013, 12:31 AM

    I've configured Notifications to point to a Ubuntu server running Postfix (myhost.domain.com). I've verified that Notifications work if I use port 25/tcp without the SSL/TLS checkbox checked. As soon as I check the SSL/TLS box, I get the following error message in my pfSense system logs:

    php: /system_advanced_notifications.php: Could not send the message to myuser@mydomain.com – Error: could not connect to the host "myhost.domain.com": ??

    I've taken the time to verify that TLS authentication is successfully working on Ubuntu server by manually authenticating using telnet and setting it up as an SMTP server in Apple Mail. So I'm at a loss for why it's not working on pfSense.

    I've turned up the logging on Postfix to capture some more details and noticed it may be sending some kind of string that doesn't seem to be recognized by the postfix server.

    Apr  6 20:28:17 myhost postfix/smtpd[20568]: > me.domain.com[xx.xxx.xxx.xxx]: 220 me.domain.com ESMTP Postfix (Ubuntu)
    Apr  6 20:28:17 myhost postfix/smtpd[20568]: watchdog_pat: 0xb9245a18
    Apr  6 20:28:17 myhost postfix/smtpd[20568]: < me.domain.com[xx.xxx.xxx.xxx]: ?y???
    Apr  6 20:28:17 myhost postfix/smtpd[20568]: match_string: ?y??? ~? CONNECT
    Apr  6 20:28:17 myhost postfix/smtpd[20568]: match_string: ?y??? ~? GET
    Apr  6 20:28:17 myhost postfix/smtpd[20568]: match_string: ?y??? ~? POST
    Apr  6 20:28:17 myhost postfix/smtpd[20568]: match_list_match: ?y???: no match
    Apr  6 20:28:17 myhost postfix/smtpd[20568]: > me.domain.com[xx.xxx.xxx.xxx]: 502 5.5.2 Error: command not recognized

    Have you seen this before or have any ideas on what I might be doing wrong?

    1 Reply Last reply Reply Quote 0
    • D
      digm
      last edited by Apr 7, 2013, 1:55 AM

      I believe I've got this working, but I'm not sure why it works now. I made two changes. First, I configured pfSense to use port 465 and then I enabled smtpd_tls_wrappermode in master.cf on the postfix server.

      smtps    inet  n      -      -      -      -      smtpd
        -o syslog_name=postfix/smtps
        -o smtpd_tls_wrappermode=yes
      #  -o smtpd_sasl_auth_enable=yes
      #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      #  -o milter_macro_daemon_name=ORIGINATING

      Any idea on why that would fix the issue?

      1 Reply Last reply Reply Quote 0
      • N
        NOYB
        last edited by Apr 8, 2013, 5:01 AM

        http://forum.pfsense.org/index.php/topic,60510.0.html

        pfSense appears to always insists on "wrapper mode"
        http://forum.pfsense.org/index.php/topic,60517.0.html

        Should be able to use the port of your choosing so long as it is configured for "wrapper mode".

        1 Reply Last reply Reply Quote 0
        1 out of 3
        • First post
          1/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received