Results 1 to 8 of 8
  1. #1
    Join Date
    Jun 2014
    Posts
    211
    Points
    3,660
    Level
    25

    WHMCS smtp via TLS

    Hi all,

    to the other WHMCS users out there, what settings are you using for SMTP? I have been trying to gte TLS to work, but without luck. Enabling $smtp_debug='true'; in config.php I see this:

    2017-07-26 08:54:21 Connection: opening to localhost:25, timeout=300, options=array ( )
    2017-07-26 08:54:21 Connection: opened
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is ""
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "220 mail.domain.com company Mailserver ESMTP "
    2017-07-26 08:54:21 SERVER -> CLIENT: 220 mail.domain.com company Mailserver ESMTP
    2017-07-26 08:54:21 CLIENT -> SERVER: EHLO company
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is ""
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "250-mail.domain.com company Mailserver "
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is "250-mail.domain.com company Mailserver "
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "250-AUTH LOGIN PLAIN "
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is "250-mail.domain.com company Mailserver 250-AUTH LOGIN PLAIN "
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "250-AUTH=LOGIN PLAIN "
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is "250-mail.domain.com company Mailserver 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN "
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "250-STARTTLS "
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is "250-mail.domain.com company Mailserver 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-STARTTLS "
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "250-SIZE 52428800 "
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is "250-mail.domain.com company Mailserver 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-STARTTLS 250-SIZE 52428800 "
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "250-PIPELINING "
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is "250-mail.domain.com company Mailserver 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-STARTTLS 250-SIZE 52428800 250-PIPELINING "
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "250 8BITMIME "
    2017-07-26 08:54:21 SERVER -> CLIENT: 250-mail.domain.com company Mailserver 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-STARTTLS 250-SIZE 52428800 250-PIPELINING 250 8BITMIME
    2017-07-26 08:54:21 CLIENT -> SERVER: STARTTLS
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is ""
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is "220 ready for tls "
    2017-07-26 08:54:21 SERVER -> CLIENT: 220 ready for tls
    2017-07-26 08:54:21 SMTP Error: Could not connect to SMTP host.
    2017-07-26 08:54:21 CLIENT -> SERVER: QUIT
    2017-07-26 08:54:21 SMTP -> get_lines(): $data is ""
    2017-07-26 08:54:21 SMTP -> get_lines(): $str is ""
    2017-07-26 08:54:21 SERVER -> CLIENT:
    2017-07-26 08:54:21 SMTP ERROR: QUIT command failed:
    2017-07-26 08:54:21 Connection: closed
    2017-07-26 08:54:21 SMTP Error: Could not connect to SMTP host.
    Email Sending Failed - SMTP Error: Could not connect to SMTP host.
    But that only tells me, that the server is ready for TLS and that the client "couldn't connect" As soon as I disable TLS (i.e. send unencrypted) it works. That means all other settings are fine (8 bit encoding, hostname, user, password).
    Is anybody using TLS in WHMCS with an Interworx mailserver?

    Cheers,
    Michael
    Last edited by mdeinhardt; 07-26-2017 at 04:21 AM.

  2. #2
    Join Date
    Apr 2012
    Posts
    2,101
    Points
    20,806
    Level
    62
    Hi Michael

    Hope alls well

    I think your issue maybe port 587 is not open in IW firewall

    You can delete and add port 587 back into firewall and check (I do know a little while back port 587 was shown as open in firewall, but tests showed this was not open and tls failed)

    Please remember qmail/sendmail first start on port 25, then upgrades to 587, before any information is passed and when I'm back later, could find my posts re tls smtp

    I hope that helps

    Many thanks

    John

  3. The Following User Says Thank You to d2d4j For This Useful Post:


  4. #3
    Join Date
    Jun 2014
    Posts
    211
    Points
    3,660
    Level
    25
    Hi John,

    I am fine, thanks. And you? Workload a bit better?

    I did check the firewall before, but I followed your advice and deleted and re-added port 587. Unfortunately no luck
    And I tried port 25 as well as 587. Both work from my mailclient with TLS, so it must be related to WHMCS.

    Cheers,
    Michael

  5. #4
    Join Date
    Apr 2012
    Posts
    2,101
    Points
    20,806
    Level
    62
    Hi Michael

    Yes, well thanks, apart from a tooth abscess and grandchildren stopping for a few weeks

    Sorry, whmcs did not register in my 1 brain cell

    Is whmcs on the same server or different server

    Are you using whmcs 7.2.3 I think been the latest

    The issue looks likely to be no matching ciphers to use perhaps, given that client start tls and server responds with tls ready. Therefore the next sequence is to try to agree ciphers. If no ciphers can be agreed, the connection fails. Which is what looks to be happening from your excerpt

    I could be wrong though sorry and will look at our whmcs when I'm back later

    Many thanks

    John

  6. #5
    Join Date
    Jun 2014
    Posts
    211
    Points
    3,660
    Level
    25
    Yep, same server, latest version 7.2.3.

    The tooth thing has been going on for some while now, hasn't it? I wish you fast recovery..

  7. #6
    Join Date
    Apr 2012
    Posts
    2,101
    Points
    20,806
    Level
    62
    Hi Michael

    Many thanks, much appreciated

    I have had a quick look and test on our whmcs, and I believe I may have found your issue

    On your smtp server address line, I'm thinking you are using mail.yourdomain.url of your whmcs

    In qmail/sendmail, it will not show as trusted, and usually in email client setup, you see the accept untrusted domain

    If you change the smtp server address to your IW domain, as shown in ssl of IW-cp ssl certs, and leave all other details as you have set, save and test.

    This should then work lovely as the ssl on tls is correct

    I hope that makes sense and helps a little

    Many thanks

    John

  8. The Following User Says Thank You to d2d4j For This Useful Post:


  9. #7
    Join Date
    Jun 2014
    Posts
    211
    Points
    3,660
    Level
    25
    You, Sir, are a genius ;-)

    I actually had "localhost" there and it never crossed my mind that that line ever would serve more than just "where to find the smtp server".

    Thank you very much - as always!

  10. The Following User Says Thank You to mdeinhardt For This Useful Post:


  11. #8
    Join Date
    Apr 2012
    Posts
    2,101
    Points
    20,806
    Level
    62
    Hi Michael

    Glad it resolved it for you.

    I kinda think sometimes we cannot see the woods for the trees, so it often helps to ask. Mind you, I do need to call at spec savers - been blind and deaf according to my granddaughter haha

    Many thanks

    John

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •