Re: [PHP] fsockopen in phpmailer and tls
On Sat, 2008-09-06 at 14:53 -0400, Robert Cummings wrote: On Sat, 2008-09-06 at 14:38 -0400, Larry Brown wrote: On Sat, 2008-09-06 at 14:06 -0400, Robert Cummings wrote: On Sat, 2008-09-06 at 14:02 -0400, Larry Brown wrote: OK. So I broke down and re-created my mail server due to its age. I am now running the latest sendmail and it is still failing. The message in the sendmail log is ...remoteMachineIP] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA A little research is leading me to believe the client (php client script) opened the socket but didn't send anything. Now the certificate that I'm using for the server is a self signed certificate. Evolution asked if I wanted to accept the certificate when I first connected and I did. After which it worked fine. Is there a setting I must enable to accept unknown certificates when a site is first connected to? Any other ideas? Sounds like an email client issue and most likely may differ for each and every one of them. Cheers, Rob. -- I am the email client. In this case which is what I'm trying to figure out. The script fails with the original string I posted: PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:func(143):reason(267) in /opt/scriptsMain/include/class.smtp.php on line 122 I'm using the smtpmailer class and it is trying to execute fsockopen. So to simplify troubleshooting I used the following code: if(fsockopen(tls://serverName,25,$errno,$errstr, 30)) { echo Made it!\n; } else { echo Nope!\n; echo $errno.\n; echo $errstr.\n; } I get the above warning from PHP and $errno has 0 as a value and there is $errstr is empty. PHP is v5.2.6 and phpinfo shows that ssl and tls support are both compiled in. Ah, I see, I misunderstood when you mentioned Evolution. Sorry, I can't really help you, you're in foreign territory to me :/ Cheers, Rob. For posterity and to thank Robert... I have determined that the mechanism in PHP does not allow you to specify tls for a connection that initially starts off as a clear text connection. When you set up sendmail to use tls for smtp auth it allows a connecting client to send connection details specifying tls at which point it will start talking tls. PHP expects the connection to be dedicated tls. So if you specify in sendmail to use a separate port for tls and you point PHP to that port it works like a champ. Thanks to Robert for at least giving it a shot. Hopefully this will be helpful to the next poor soul... Larry -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen in phpmailer and tls
On Fri, 2008-09-05 at 00:58 -0400, Robert Cummings wrote: On Thu, 2008-09-04 at 23:20 -0400, Larry Brown wrote: I am having a ball of a time trying to figure this one out... If anyone has dealt with this before I'd love to get some morsels of wisdom from you... I am trying to connect to a postfix server I have set up remotely using smtp auth with tls. The postfix appears to be configured correctly at this point. I can telnet to port 25 and it will list tls as an option as the howto describes it should. I try to connect from php and get: PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:func(143):reason(267) in /opt/scriptsMain/include/class.smtp.php on line 122 I've googled this and someone seems very knowledgeable about it yet describes the solution in a way that a mere mortal like myself can't follow. He states in part: Look at the error message: error:1408F10B:SSL routines:func(143):reason(267) Take the reason code (267) and determine the error: grep 267 /usr/include/openssl/ssl.h /usr/include/openssl/ssl.h:#define SSL_R_WRONG_VERSION_NUMBER 267 Now google for SSL_R_WRONG_VERSION_NUMBER... ...So in your server method configuration you must put: SSL_CTX *ctx = SSL_CTX_new (SSLv23_server_method()) to correctely analyse the first client_hello message instead of SSL_CTX *ctx = SSL_CTX_new (SSLv3_server_method()) which i suppose you did So is he talking about modifying the source code in postfix and rebuilding it? Have any of you guys dealt with this?... By the way, when I started out I had a typo in the postfix config for the path to the certificates for ssl and was getting the same error message. It wasn't until I saw in the postfix mail log that it couldn't read the cert. So that was fixed but I continue to get the same message which I'm now thinking might be a red herring. Possibly a complete waste of your time... but maybe you need to configure this setting: smtp_tls_mandatory_protocols http://www.postfix.org/postconf.5.html Cheers, Rob. -- OK. So I broke down and re-created my mail server due to its age. I am now running the latest sendmail and it is still failing. The message in the sendmail log is ...remoteMachineIP] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA A little research is leading me to believe the client (php client script) opened the socket but didn't send anything. Now the certificate that I'm using for the server is a self signed certificate. Evolution asked if I wanted to accept the certificate when I first connected and I did. After which it worked fine. Is there a setting I must enable to accept unknown certificates when a site is first connected to? Any other ideas? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen in phpmailer and tls
On Sat, 2008-09-06 at 14:02 -0400, Larry Brown wrote: OK. So I broke down and re-created my mail server due to its age. I am now running the latest sendmail and it is still failing. The message in the sendmail log is ...remoteMachineIP] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA A little research is leading me to believe the client (php client script) opened the socket but didn't send anything. Now the certificate that I'm using for the server is a self signed certificate. Evolution asked if I wanted to accept the certificate when I first connected and I did. After which it worked fine. Is there a setting I must enable to accept unknown certificates when a site is first connected to? Any other ideas? Sounds like an email client issue and most likely may differ for each and every one of them. Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen in phpmailer and tls
On Sat, 2008-09-06 at 14:06 -0400, Robert Cummings wrote: On Sat, 2008-09-06 at 14:02 -0400, Larry Brown wrote: OK. So I broke down and re-created my mail server due to its age. I am now running the latest sendmail and it is still failing. The message in the sendmail log is ...remoteMachineIP] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA A little research is leading me to believe the client (php client script) opened the socket but didn't send anything. Now the certificate that I'm using for the server is a self signed certificate. Evolution asked if I wanted to accept the certificate when I first connected and I did. After which it worked fine. Is there a setting I must enable to accept unknown certificates when a site is first connected to? Any other ideas? Sounds like an email client issue and most likely may differ for each and every one of them. Cheers, Rob. -- I am the email client. In this case which is what I'm trying to figure out. The script fails with the original string I posted: PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:func(143):reason(267) in /opt/scriptsMain/include/class.smtp.php on line 122 I'm using the smtpmailer class and it is trying to execute fsockopen. So to simplify troubleshooting I used the following code: if(fsockopen(tls://serverName,25,$errno,$errstr, 30)) { echo Made it!\n; } else { echo Nope!\n; echo $errno.\n; echo $errstr.\n; } I get the above warning from PHP and $errno has 0 as a value and there is $errstr is empty. PHP is v5.2.6 and phpinfo shows that ssl and tls support are both compiled in. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen in phpmailer and tls
On Sat, 2008-09-06 at 14:38 -0400, Larry Brown wrote: On Sat, 2008-09-06 at 14:06 -0400, Robert Cummings wrote: On Sat, 2008-09-06 at 14:02 -0400, Larry Brown wrote: OK. So I broke down and re-created my mail server due to its age. I am now running the latest sendmail and it is still failing. The message in the sendmail log is ...remoteMachineIP] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA A little research is leading me to believe the client (php client script) opened the socket but didn't send anything. Now the certificate that I'm using for the server is a self signed certificate. Evolution asked if I wanted to accept the certificate when I first connected and I did. After which it worked fine. Is there a setting I must enable to accept unknown certificates when a site is first connected to? Any other ideas? Sounds like an email client issue and most likely may differ for each and every one of them. Cheers, Rob. -- I am the email client. In this case which is what I'm trying to figure out. The script fails with the original string I posted: PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:func(143):reason(267) in /opt/scriptsMain/include/class.smtp.php on line 122 I'm using the smtpmailer class and it is trying to execute fsockopen. So to simplify troubleshooting I used the following code: if(fsockopen(tls://serverName,25,$errno,$errstr, 30)) { echo Made it!\n; } else { echo Nope!\n; echo $errno.\n; echo $errstr.\n; } I get the above warning from PHP and $errno has 0 as a value and there is $errstr is empty. PHP is v5.2.6 and phpinfo shows that ssl and tls support are both compiled in. Ah, I see, I misunderstood when you mentioned Evolution. Sorry, I can't really help you, you're in foreign territory to me :/ Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] fsockopen in phpmailer and tls
I am having a ball of a time trying to figure this one out... If anyone has dealt with this before I'd love to get some morsels of wisdom from you... I am trying to connect to a postfix server I have set up remotely using smtp auth with tls. The postfix appears to be configured correctly at this point. I can telnet to port 25 and it will list tls as an option as the howto describes it should. I try to connect from php and get: PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:func(143):reason(267) in /opt/scriptsMain/include/class.smtp.php on line 122 I've googled this and someone seems very knowledgeable about it yet describes the solution in a way that a mere mortal like myself can't follow. He states in part: Look at the error message: error:1408F10B:SSL routines:func(143):reason(267) Take the reason code (267) and determine the error: grep 267 /usr/include/openssl/ssl.h /usr/include/openssl/ssl.h:#define SSL_R_WRONG_VERSION_NUMBER 267 Now google for SSL_R_WRONG_VERSION_NUMBER... ...So in your server method configuration you must put: SSL_CTX *ctx = SSL_CTX_new (SSLv23_server_method()) to correctely analyse the first client_hello message instead of SSL_CTX *ctx = SSL_CTX_new (SSLv3_server_method()) which i suppose you did So is he talking about modifying the source code in postfix and rebuilding it? Have any of you guys dealt with this?... By the way, when I started out I had a typo in the postfix config for the path to the certificates for ssl and was getting the same error message. It wasn't until I saw in the postfix mail log that it couldn't read the cert. So that was fixed but I continue to get the same message which I'm now thinking might be a red herring. -- Larry Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] fsockopen in phpmailer and tls
On Thu, 2008-09-04 at 23:20 -0400, Larry Brown wrote: I am having a ball of a time trying to figure this one out... If anyone has dealt with this before I'd love to get some morsels of wisdom from you... I am trying to connect to a postfix server I have set up remotely using smtp auth with tls. The postfix appears to be configured correctly at this point. I can telnet to port 25 and it will list tls as an option as the howto describes it should. I try to connect from php and get: PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:func(143):reason(267) in /opt/scriptsMain/include/class.smtp.php on line 122 I've googled this and someone seems very knowledgeable about it yet describes the solution in a way that a mere mortal like myself can't follow. He states in part: Look at the error message: error:1408F10B:SSL routines:func(143):reason(267) Take the reason code (267) and determine the error: grep 267 /usr/include/openssl/ssl.h /usr/include/openssl/ssl.h:#define SSL_R_WRONG_VERSION_NUMBER 267 Now google for SSL_R_WRONG_VERSION_NUMBER... ...So in your server method configuration you must put: SSL_CTX *ctx = SSL_CTX_new (SSLv23_server_method()) to correctely analyse the first client_hello message instead of SSL_CTX *ctx = SSL_CTX_new (SSLv3_server_method()) which i suppose you did So is he talking about modifying the source code in postfix and rebuilding it? Have any of you guys dealt with this?... By the way, when I started out I had a typo in the postfix config for the path to the certificates for ssl and was getting the same error message. It wasn't until I saw in the postfix mail log that it couldn't read the cert. So that was fixed but I continue to get the same message which I'm now thinking might be a red herring. Possibly a complete waste of your time... but maybe you need to configure this setting: smtp_tls_mandatory_protocols http://www.postfix.org/postconf.5.html Cheers, Rob. -- http://www.interjinn.com Application and Templating Framework for PHP -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php