Announcement

Collapse
No announcement yet.

which version of TSL/SSL? Problem with ports of Office365 Group Email

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    which version of TSL/SSL? Problem with ports of Office365 Group Email

    Hi there,

    we got emails back due to a problem with SPF. After contacting the Office 365 support, they advice to use smtp.office ... This requires TLS and port 578.
    In group email I cannot get it to work. It seems the port 587 is blocked or something is wrong with SSL.

    Thus, I would like to know which TLS version you use and if I can set to use TLS instead of SSL for the group email account.

    Thanks
    Tags: None
  • #2
    same issue with SMTP and port 587
    My postfix logs have the following messages:
    Feb 8 16:18:48 dedi32 postfix/smtpd[14876]: connect from unknown[10.0.3.90]
    Feb 8 16:18:48 dedi32 postfix/smtpd[14876]: SSL_accept error from unknown[10.0.3.90]: 0
    Feb 8 16:18:48 dedi32 postfix/smtpd[14876]: warning: TLS library problem: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert un
    known ca:s3_pkt.c:1487:SSL alert number 48:
    Feb 8 16:18:48 dedi32 postfix/smtpd[14876]: lost connection after STARTTLS from unknown[10.0.3.90]
    Feb 8 16:18:48 dedi32 postfix/smtpd[14876]: disconnect from unknown[10.0.3.90] ehlo=1 starttls=0/1 commands=1/2

    It seems there is a problem with the certificate which is a valid LetsEncrypt certificat. Only, Espocrm has this problem with my production postfix.

    Comment

    • #3
      I have the same problem with another apps. Use stunnel (www.stunnel.org) to fix it.
      Last edited by rorosa; 02-09-2017, 06:45 PM.
      • Likes 1

      Comment

      • #4
        Originally posted by rorosa View Post
        I have the same problem with another apps. Use stunnel (www.stunnel.org) to fix it.
        Do you think you could help a noob out and explain exactly how you got this working? It would really help me out.

        Thanks.

        Comment

        • #5
          First of all you should have full access to your server.

          Then you have to download it, for Windows there is a installation package. Once installed you have to configure (within stunnel.conf file) the local IP and port you want to use to pass throw stunnel to securize the connection. Graphical example how it works:

          Local connection on port 192.168.1.1:4553 --> Stunnel is listening this port then Stunnel securize the connection and transform to --> smtp.outook.com:587 TLS you need --> Outlook servers receive the connection securised.

          The most difficult part is to configure the stunnel.conf but here you are some examples: https://www.stunnel.org/examples.html

          There are a lot of info in forums about this program, just try to find some out!

          Good luck!
          • Likes 1

          Comment

          • #6
            Sorry, yeah, I have stunnel setup and talking with EspoCRM, my fault for not being specific, but I've just realised you guys are only using SMTP, I am trying to setup IMAP. Getting a error log like so:

            Code:
            2017.02.22 11:51:45 LOG5[8019:140107279939328]: Service [imaps] connected remote server from xxx.xxx.xxx.xxx
2017.02.22 11:51:45 LOG7[8019:140107279939328]: Remote socket (FD=14) initialized
2017.02.22 11:51:45 LOG7[8019:140107279939328]: SNI: host name: outlook.office365.com
2017.02.22 11:51:45 LOG6[8019:140107279939328]: SSL connected: new session negotiated
2017.02.22 11:51:45 LOG6[8019:140107279939328]: Negotiated TLSv1/SSLv3 ciphersuite
2017.02.22 11:51:45 LOG6[8019:140107279939328]: Compression: null, expansion: null
2017.02.22 11:51:46 LOG7[8019:140107279939328]: SSL socket closed on SSL_read
2017.02.22 11:51:46 LOG7[8019:140107279939328]: Sent socket write shutdown
2017.02.22 11:51:46 LOG5[8019:140107279939328]: Connection closed: 67 byte(s) sent to SSL, 282 byte(s) sent to socket
2017.02.22 11:51:46 LOG7[8019:140107279939328]: Remote socket (FD=14) closed
2017.02.22 11:51:46 LOG7[8019:140107279939328]: Local socket (FD=3) closed
2017.02.22 11:51:46 LOG7[8019:140107279939328]: Service [imaps] finished (0 left)
            I'm also doing this on Ubuntu LAMP

            Comment

            • #7
              Do you try the connection with another app, like Thunderbird? Just to discard a configuration mistake inside outolook 365 (like enable/auth IMAP connections)

              Comment

              • #8
                It's looking like an issue with office365 at the minute to be honest. I don't know if thats the full story, as there may be issues with stunnel/ESPO still, but for now IMAP is the culprit. It's enabled but I can't connect via IMAP from any client.

                Comment

                • #9
                  OK, just to update anyone who may be having the same problem in future, I called Microsoft customer support. there was some sort of block on IMAP, once this was removed, I was able to connect directing through ESPO, without the need stunnel.
                  • Likes 1

                  Comment

                  Previous template Next
                  Working...
                  X