View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions Failed to establish encrypted connection with SMTP
Log in to Ask a Question

Failed to establish encrypted connection with SMTP

email

Hello.

I'm not able to use my emails via Outlook. I'll explain all the steps I followed for better understanding.

I just finished configuring my mail server using this Linode Guide, using the default configurations and Dovecot's auto-signed SSL:

https://library.linode.com/email/postfi … 0.19-mysql">https://library.linode.com/email/postfix/postfix2.9.6-dovecot2.0.19-mysql

I tested if everything works using my Outlook. The incoming server is working perfectly but the SMTP is not.

I've found out that my ISP is blocking the port 25 and so I found this guide (link below) and edited my /etc/postfix/master.cf, uncommenting the submission line like this:

submission inet n – n – – smtpd

The guide said it'll enable to use the port 587 for outgoing emails.

http://www.faqforge.com/linux/how-to-en … n-postfix/">http://www.faqforge.com/linux/how-to-enable-port-587-submission-in-postfix/

Done that, ok. I'm using these configurations on my Outlook to connect to my email:

IMAP: mail.example.com.br - port 993 (SSL)

IMAP: mail.example.com.br - port 587 (TLS)

My SMTP requires authentication

It's still not working. If I use the port 587 using SSL, it returns the error "encryption method not supported". If I use TLS, it gives the error "failed to establish encrypted connection".

I'm having this issue for several days, I looked at several forums and with Linode Managed and nobody could solve this yet. If somebody can suggest some solution, I'd be very grateful.

Thanks.

5 Replies

I was going to try and use openssl's s_client feature to try and help you, but I doubt you own mail.example.com.br. How about some real domains?

@derfy:

I was going to try and use openssl's s_client feature to try and help you, but I doubt you own mail.example.com.br. How about some real domains?

My domain is mail.thebeach915.com.br

One problem I see is````
CONNECTED(00000003)
depth=0 O = Dovecot mail server, OU = levelcom.li484-186.members.linode.com, CN = levelcom.li484-186.members.linode.com, emailAddress = root@levelcom.li484-186.members.linode.com
verify error:num=18:self signed certificate

Your cert is using the default rDNS. You may wish to <url url="https://library.linode.com/adding-dns-records#sph_setting-reverse-dns">~~[](https://library.linode.com/adding-dns-records#sph_setting-reverse-dns)~~[change this to mail.thebeach915.com.br](https://library.linode.com/adding-dns-records#sph_setting-reverse-dns)</url> and remake the cert.

I was able to connect to port 993 with just SSL. However, 587 was a problem:````
derfy@derfy:~$ openssl s_client -starttls smtp -connect mail.thebeach915.com.br:587
CONNECTED(00000003)
3074197128:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:749:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 225 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
derfy@derfy:~$

Hopefully, others can help you futher.

I'm using my Linode with support of multiple websites, should I really set my rDNS to only one of the domains I have?

I should use thebeach915.com.br or mail.thebeach915.com.br?

It doesn't really matter. Some mail servers might frown on a generic hostname. If you do, it won't affect your websites. What you really should do is remake your dovecot ssl cert to use whatever hostname your mail server claims it is.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct