Hi everyone, we migrated a PHP based ordering system from one VPS to one of a very similar spec (same CentOS, running the same PHP version and configured in the same way our end when it was first provisioned), a few weeks ago. We also haven't configured any additional security on it yet.
We've just discovered our password reset emails and order confirmation emails are not sending.
They use PHPMailer 5.2.14, and when testing with the password reset feature, all we get is this error: SMTP connect() failed. I've tried external SMTP details and I still get the same error, and there is nothing in the mail delivery reports. I've also tried removing the TLS setting and ports 25 and 465 in varying combos.
This is how we are calling PHPMailer:
Our host has also had a look and this is what they've also tried:
To begin our diagnosis, we've created a test PHPMailler script using the details in the forgotpassword.php script. When manually firing off our test script, we see the following error (when smtpdebug is set to produce detailed errors):
If we then checked the Exim log for your virtual machine, we can see the following:
2019-08-09 20:00:01 TLS error on connection from xxx.xxx.com [xx.xx.xx.xx]:42610 (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
The initial debug log seems to suggest the connection can't be established subsequent to the TLS handshake. This is also implied in the secondary set of logs I've supplied, which also seems to suggest that the connection is being issued with an invalid TLS version/bad cipher.
To try and get around this, we've tried a few different things here. We've tried amending the list of ciphers within cPanel, we've attempted to force cPanel to allow weaker ciphers, we've attempted to change the minimum TLS version dovecot expects, amongst a number of others things, all to no avail.
I'd really appreciate any more ideas, things we can try or places we can look. I'm a bit stumped!
Thanks!
We've just discovered our password reset emails and order confirmation emails are not sending.
They use PHPMailer 5.2.14, and when testing with the password reset feature, all we get is this error: SMTP connect() failed. I've tried external SMTP details and I still get the same error, and there is nothing in the mail delivery reports. I've also tried removing the TLS setting and ports 25 and 465 in varying combos.
This is how we are calling PHPMailer:
Code:
$mail = new PHPMailer;
$mail->isSMTP();
$mail->Host = "mail.xxxx.co.uk";
$mail->SMTPAuth = true;
$mail->Username = "[email protected]";
$mail->Password = "xxxx";
$mail->SMTPSecure = 'tls';
$mail->Port = "587";
$mail->setFrom('[email protected]', 'xxxx');
$mail->addAddress($emailAddress, $firstName . " " . $lastName);
$mail->isHTML(true);
$mail->Subject = 'Forgot Password';
$mail->Body = $emailBody;
if($mail->send()) :
//success message
else :
//error message inc $mail->ErrorInfo.
endif;Our host has also had a look and this is what they've also tried:
To begin our diagnosis, we've created a test PHPMailler script using the details in the forgotpassword.php script. When manually firing off our test script, we see the following error (when smtpdebug is set to produce detailed errors):
Code:
[[email protected] public_html]# php test-send.php
2019-08-09 18:07:50 SERVER -> CLIENT: 220-xxx.xxx.com ESMTP Exim 4.92 #2 Fri, 09 Aug 2019 19:07:50 +0100
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
2019-08-09 18:07:50 CLIENT -> SERVER: EHLO xxx.xxx.com
2019-08-09 18:07:50 SERVER -> CLIENT: 250-xxx.xxx.com Hello xxx.xxx.com [185.151.29.34]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
2019-08-09 18:07:50 CLIENT -> SERVER: STARTTLS
2019-08-09 18:07:50 SERVER -> CLIENT: 220 TLS go ahead
2019-08-09 18:07:50 SMTP Error: Could not connect to SMTP host.
2019-08-09 18:07:50 CLIENT -> SERVER: QUIT
2019-08-09 18:07:50 SERVER -> CLIENT: ecurity failure
554 Security failure
2019-08-09 18:07:50 SMTP ERROR: QUIT command failed: ecurity failure
554 Security failure
2019-08-09 18:07:50 SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Message was not sent.Mailer error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
[[email protected] public_html]#2019-08-09 20:00:01 TLS error on connection from xxx.xxx.com [xx.xx.xx.xx]:42610 (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
The initial debug log seems to suggest the connection can't be established subsequent to the TLS handshake. This is also implied in the secondary set of logs I've supplied, which also seems to suggest that the connection is being issued with an invalid TLS version/bad cipher.
To try and get around this, we've tried a few different things here. We've tried amending the list of ciphers within cPanel, we've attempted to force cPanel to allow weaker ciphers, we've attempted to change the minimum TLS version dovecot expects, amongst a number of others things, all to no avail.
I'd really appreciate any more ideas, things we can try or places we can look. I'm a bit stumped!
Thanks!
Last edited by a moderator:
