I'm trying to send an email with the following command and I get an error about some wrong ssl version, not sure what is wrong.
root@OpenWrt_Netgear_R6220:~# mailsend -f "xyz@hotmail.com" -t "xyz@hotmail.com" -ssl -user "xyz@hotmail.com" -pass 'abcdefghijklmnop' -smtp 'smtp-mail.outlook.com' -sub "Test Email from OpenWrt" -msg-body "Test Email from OpenWrt"
Error: turn_on_raw_ssl: SSL connection failed
2012839556:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:332:
Error: Expected smtp code 220, got 0
Could not send mail
I installed mailsend with ssl package of course and it has all the necessary dependencies and it still doesn't work.
I believe openssl got installed and configured for use with nginx for the luci web interface for https connections, not sure, if this installation of openssl has somehow messed up something for mailsend, or it's not able to reference it properly.
This is what I have installed, I removed nginx, removed all openssl stuff and even removed mailsend and reinstalled just luci-ssl-openssl and reinstalled mailsend, same result.
Maybe, I never saw mailsend generating any self-signed certificate and key for itself. Luci on the other hand did generate it's own certificate and key and is working fine over https.
No, the certificates are for checking the validity of the opposite side, the server.
SSL certificate is usually validated when the connection is initiated. And some tools like wget refuse connection if you can't verify certificates (unless you override that with --no-check-certificate option)
I just sent as email to the same SMTP server using Powershell on my laptop, works fine, clearly a problem with the client (mailsend) being unable to use SSL for encryption.
Speaking of expired certificates, it appears that forum.openwrt.org SSL certificate from Let's Encrypt has expired today...
Other part is then that something is incompatible with the server.
Wrong SSL&TLS version? server requried SSL1 that has been disabled in openssl?
Or something like that.
If I use -starttls instead of -ssl, then I get the following message:
Error: MAIL FROM failed: '530 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM [MAXPR0101CA0011.INDPRD01.PROD.OUTLOOK.COM]'
Could not send mail
Have you verified the provider allows such connections; and that you've enabled it for your email account?
I know gmail requires this setting to be enabled for third-party email software...if it's still possible...some other free (older) email providers are discontinuing the ability to use other clients soon; or moving to a one-time password per login session based authentication...