• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Disabling TLS for qmail-send

J

jhghjgh hjghgkh

Guest
My server is unable to send mail to a particular remote SMTP server - mail bounces back with 'TLS connection failed' ("(error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol)"). I suspect the remote server is advertising that it supports SSL when in fact it doesn't (my server can use SSL when communicating with other SMTP servers fine).

Is there a way to stop qmail-send from attempting to use TLS when talking to this host? I may even have to go down the route of disabling TLS completely, but can't find a way to do that.

Any thoughts please?
 
I really need to do this as well with an 8.6 system. I have looked all over for information on how to do this. If anyone can help or point me in the right direction it would be appreciated.
 
I'm half way to finding a solution - I should have been reading up on qmail-remote, not qmail-send ...

http://inoa.net/qmail-tls/qmail-remote.txt

notlshosts/<FQDN>
qmail-remote will not try TLS on servers for which
this file exists (<FQDN> is the fully-qualified
domain name of the server). (tlshosts/<FQDN>.pem
takes precedence over this file however).
Click to expand...

Going to try that shortly...
 
I'm guessing this didn't end up working? I can't find any reference to notlshosts in the qmail-remote binary that Plesk bundles so I'm thinking they're not using that specific TLS patch.
 
Same problem here.. Has anyone solved this one yet?

qmail: 1436649830.795551 delivery 3: deferral: TLS_connect_failed:_error:14082174:SSL_routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh_key_too_small;_connected_to_69.94.125.39./
 
You need to switch to postfix; the qmail-send included with Plesk has numerous issues on today's internet; sslv3, dh keys <1024, all email goes out the first ip, etc.
 
You must log in or register to reply here.

Similar threads

P
Resolved Force Plesk to use port 25 alternative (Digital Ocean refuses to open 25)
Replies
4
Views
435
Paul Larson
P
S
Issue SMTP/Qmail stop working suddenly without any cause
Replies
3
Views
537
Stephen_Stephen
S
Jan Bludau
Resolved Patch: Postfix - 37C3 - SMTP Smuggling – Spoofing E-Mails Worldwide
Replies
5
Views
1K
Peter Debik
P
S
Issue STMP QUIT / Disconnect Problem with TLS
Replies
1
Views
1K
Frank.P
Frank.P
D
Resolved Don't deliver mails locally for a specific local domain
Replies
1
Views
1K
Kaspar
K
Back
Top