On Thursday, 18 January 2024 17:02:44 GMT Walter Dnes wrote:
>   I haven't been switched over to fibre yet due to config problems, but
> I'm trying to test port 587 using your settings.  I recompiled mutt
> adding USE="debug gnutls".  With "mutt -d 2" I get a lot of debug
> output, including the following.  To further complicate things, when I
> switch back to the old muttrc, I get something about "no From:"  I had
> to rebuild without gnutls to get it working again.  What do the last 2
> lines imply?
> 
> [2024-01-18 11:36:00] Sending message...
> [2024-01-18 11:36:00] Looking up smtp.ebox.ca...
> [2024-01-18 11:36:00] Connecting to smtp.ebox.ca...
> [2024-01-18 11:36:00] Connected to smtp.ebox.ca:587 on fd=4
> [2024-01-18 11:36:00] 4< 220 smtp.ebox.ca ESMTP Postfix (Debian/GNU)
> [2024-01-18 11:36:00] 4> EHLO waltdnes.org
> [2024-01-18 11:36:00] 4< 250-smtp.ebox.ca
> [2024-01-18 11:36:00] 4< 250-PIPELINING
> [2024-01-18 11:36:00] 4< 250-SIZE 20000000
> [2024-01-18 11:36:00] 4< 250-VRFY
> [2024-01-18 11:36:00] 4< 250-ETRN
> [2024-01-18 11:36:00] 4< 250-STARTTLS
> [2024-01-18 11:36:00] 4< 250-ENHANCEDSTATUSCODES
> [2024-01-18 11:36:00] 4< 250-8BITMIME
> [2024-01-18 11:36:00] 4< 250 DSN
> [2024-01-18 11:36:00] 4> STARTTLS
> [2024-01-18 11:36:00] 4< 220 2.0.0 Ready to start TLS
> [2024-01-18 11:36:00] gnutls_handshake: A packet with illegal or unsupported
> version was received. 
> [2024-01-18 11:36:02] Could not negotiate TLS connection

The "no From:" complaint could be fixed by specifying in your muttrc:

set from = "waltd...@waltdnes.org"

The gnutls error is more cryptic.  You'll have to check what certificate is 
sent by the server to deduce what causes the gnutls message.  You can try 
connecting to the server with the openssl s_client:

openssl s_client -connect smtp.ebox.ca\:587 -starttls smtp -showcerts

or with gnutls-cli:

gnutls-cli --starttls-proto smtp smtp.ebox.ca -p 587

then try to negotiate a connection:

ehlo there
...
Ctrl+D

Gnutls should run starttls and when you enter "Ctrl+D" it will print out what 
in particular it has a problem with.

The openssl attempt will show the certificates and you can check the whole 
chain, in case you are missing a certificate.  As long as the CA certificate is in 
your /etc/ssl/certs/ there shouldn't be a problem.

Alternatively, add the server certificate(s) in '~/.mutt/certificates' and 
specify this path by setting 'set certificate_file' in your muttrc.  The first 
time you try to connect to your server mutt should warn you if there is a 
mismatch between the server's certificate and your SMTP server domain CN 
field, or anything else.  It will ask you to accept it and allow you to 
proceed with the connection.

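As an added example (not part of the original messages and not mutt's own code), here is a small Python parser for the `mutt -d 2` transcript quoted in the thread. It reports how far the STARTTLS upgrade got before the failure. The function names and stage labels are assumptions made for this illustration; the sample log is an excerpt of the lines posted above.

```python
import re
# Excerpt of the `mutt -d 2` output quoted in the thread, wrapped gnutls line included.
SAMPLE_LOG = """\
[2024-01-18 11:36:00] 4< 220 smtp.ebox.ca ESMTP Postfix (Debian/GNU)
[2024-01-18 11:36:00] 4> EHLO waltdnes.org
[2024-01-18 11:36:00] 4< 250-STARTTLS
[2024-01-18 11:36:00] 4< 250 DSN
[2024-01-18 11:36:00] 4> STARTTLS
[2024-01-18 11:36:00] 4< 220 2.0.0 Ready to start TLS
[2024-01-18 11:36:00] gnutls_handshake: A packet with illegal or unsupported
version was received.
[2024-01-18 11:36:02] Could not negotiate TLS connection
"""

ENTRY = re.compile(r"^\[[^\]]+\] (.*)$")   # "[timestamp] text"
WIRE = re.compile(r"^\d+([<>]) (.*)$")     # "<fd>< reply" or "<fd>> command"

def unwrap(log):
    # One string per log entry; lines without a timestamp continue the previous one.
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.append(m.group(1).strip())
        elif entries and line.strip():
            entries[-1] += " " + line.strip()
    return entries

def diagnose(log):
    """Report how far the STARTTLS upgrade got, using only what the log shows."""
    r = {"offered": False, "accepted": False, "tls_error": None}
    sent = False
    for entry in unwrap(log):
        w = WIRE.match(entry)
        if w and w.group(1) == ">":
            sent = sent or w.group(2).upper() == "STARTTLS"
        elif w and w.group(2)[:3] == "250" and w.group(2)[4:].upper() == "STARTTLS":
            r["offered"] = True      # capability listed in the EHLO reply
        elif w and sent and w.group(2).startswith("220"):
            r["accepted"] = True     # server agreed to switch to TLS
        elif entry.startswith("gnutls_handshake:"):
            r["tls_error"] = entry.split(":", 1)[1].strip()
    r["stage"] = ("no-starttls" if not r["offered"] else
                  "starttls-command" if not r["accepted"] else
                  "tls-handshake" if r["tls_error"] else "after-tls")
    return r

if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```

A `tls-handshake` result means the plain-text SMTP dialogue completed and the failure lies in the TLS negotiation, which is the part the `openssl s_client` and `gnutls-cli` commands above let you inspect.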