• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Forwarded to devs Roundcube sending mail error

Dave W

Dave W

Regular Pleskian
TITLE:
Roundcube sending mail error
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
OS ‪CentOS Linux 7.6.1810 (Core)‬
Product Plesk Onyx
Version 17.8.11 Update #65, last updated on Aug 26, 2019 04:38 AM
PROBLEM DESCRIPTION:
OS ‪CentOS Linux 7.6.1810 (Core)‬
Product Plesk Onyx
Version 17.8.11 Update #65, last updated on Aug 26, 2019 04:38 AM

The server has a Positive SSL assigned for Mail, *.our-domain.tld, the servers hostname is name.our-domain.tld

Sending mail via Roundcube returns an error:
Code: 
[29-Aug-2019 15:11:47 UTC] ERROR: stream_socket_client(): unable to connect to ssl://localhost:465 (Unknown error) (0)
[29-Aug-2019 15:11:47 UTC] ERROR: Failed to connect socket: stream_socket_client(): unable to connect to ssl://localhost:465 (Unknown error) ()
[29-Aug-2019 15:11:47 +0000]: <58ijshl0> SMTP Error: Connection failed: Failed to connect socket: stream_socket_client(): unable to connect to ssl://localhost:465 (Unknown error) in /usr/share/psa-roundcube/program/lib/Roundcube/rcube.php on line 1667 (POST /?_task=mail&_unlock=loading1567091507176&_lang=en_US&_framed=1&_action=send)

Testing connections:
Code: 
 openssl s_client -showcerts -connect localhost:465

CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 289 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1567125025
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

Whereas:
Code: 
openssl s_client -showcerts -connect name.our-domain.tld:465

returns the SSL certificate correctly.

The workaround we put in place was to edit
/usr/share/psa-roundcube/config/config.inc.php

and add:
Code: 
$config['smtp_server'] = 'ssl://name.our-domain.tld';

this overrides the
Code: 
$config['smtp_server'] = 'ssl://localhost';
in /usr/share/psa-roundcube/config/defaults.inc.php

Mail in roundcude sends correctly now.​
STEPS TO REPRODUCE:
Roundcube as webmail sending mail via localhost smtp which has an SSL assigned for the hostname of the server​
ACTUAL RESULT:
Sending mail via Roundcube returns an error:
Code: 
[29-Aug-2019 15:11:47 UTC] ERROR: stream_socket_client(): unable to connect to ssl://localhost:465 (Unknown error) (0)
[29-Aug-2019 15:11:47 UTC] ERROR: Failed to connect socket: stream_socket_client(): unable to connect to ssl://localhost:465 (Unknown error) ()
[29-Aug-2019 15:11:47 +0000]: <58ijshl0> SMTP Error: Connection failed: Failed to connect socket: stream_socket_client(): unable to connect to ssl://localhost:465 (Unknown error) in /usr/share/psa-roundcube/program/lib/Roundcube/rcube.php on line 1667 (POST /?_task=mail&_unlock=loading1567091507176&_lang=en_US&_framed=1&_action=send)
EXPECTED RESULT:
Roundcube should connect to localhost and send mail without SSL or it should connect to the hostname rather than localhost as described.​
ANY ADDITIONAL INFORMATION:
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Confirm bug
 
Judging by the provided information default certificate assignment on SMTP was lost. Check /etc/postfix/main.cf:smtpd_tls_cert_file = /etc/postfix/postfix.pem configuration.
However, even if it was not, there's still a problem that would prevent Roundcube connection to SMTP with such certificates (Developers tested w/ Let's Encrypt).

As an alternative workaround, one could add the following into /usr/share/psa-roundcube/config/config.inc.php:

Code: 
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true,
),
);

See the documentation on the options here: PHP: SSL context options - Manual .

Developers have filed PPPM-10978 to resolve this issue.
 
Hi Igor,

Code: 
#grep smtpd_tls_cert_file /etc/postfix/main.cf
smtpd_tls_cert_file = /etc/postfix/postfix.pem
smtpd_tls_key_file = $smtpd_tls_cert_file

and the cert in /etc/postfix/postfix.pem is our *.domain.tld certificate.

I believe this issue only arose recently.

Oddly the code
Code: 
$config['smtp_conn_options'] = array(
   'ssl'         => array(
     'verify_peer_name'  => false,
     'allow_self_signed' => true,
   ),
);
is already in /usr/share/psa-roundcube/config/defaults.inc.php

So Roundcube "shouldnt" have been trying to verify the SSL.

If I get some time over the weekend I'll take another look.

Thanks for the reply
Dave
 
You must log in or register to reply here.

Similar threads

W
Issue Mail forwarded on the server in the target mailbox is delivered to the SPAM folder
Replies
0
Views
465
W4ru
W
M
Issue Sending mail by code (roundcube & website) won't work anymore
Replies
2
Views
2K
MatthieuBL
M
W
Issue Error when try send a mail with attached image throught Roundcube Webmail
Replies
3
Views
2K
Peter Debik
P
K
Resolved no incoming mail
Replies
6
Views
2K
Martin Dias
Martin Dias
M
Question Upgrade MariaDB 10.3 to 10.11 via Plesk 18.0.61 on Debian 10
Replies
1
Views
1K
Kaspar@Plesk
Kaspar@Plesk
Back
Top