{Email}{MailMethod} does not work in TLS/SSL modes

I'm running Foswiki-2.1.8 in a container. My mail server supports TLS/SSL, but it's not enforced for connections on port 25 or for communication with Foswiki. However, to ensure that DKIM is properly applied, submission via TLS/SSL is required when sending emails from Foswiki. Additionally, user credentials are needed for authentication.

If I activate Net::SMTP (STARTTLS), I can observe that the required dependencies for secure email transmission should be in place and functioning properly:

• Net::SMTP 3.15 installed for Required for SMTP Support
• Email::Address::XS 1.05 installed for Required for parsing email addresses
• Net::SSLeay 1.92 installed for Required for Secure SMTP Support IO::Socket::SSL 2.083 installed for Required for Secure SMTP Support

Unfortunately, all connection attempts fail during the initial handshake. As I am not a Perl expert, I lack the necessary knowledge to identify the underlying issue or pinpoint the problematic spot.

I tested TLS/1.2,1.3, STARTTLS etc. against the mail server via `openssl s_client ...`, no issues (obviously). I also activated "debug" (logging). In the error log I can read (config: port 587 with StartTLS):

Debug: Tue Feb  6 15:30:39 2024 UTC: Connecting to CENSORED on port 587
Net::SMTP<<< Connected with CENSORED:587 using no encryption
Net::SMTP<<<  -- 
Net::SMTP>>> Foswiki::Net::Mail
Net::SMTP>>>  -- 
Net::SMTP>>>   Net::SMTP(3.15)
Net::SMTP>>>  -- 
Net::SMTP>>>     Foswiki::Net::Mail::SSL
Net::SMTP>>>  -- 
Net::SMTP>>>       Net::Cmd(3.15)
Net::SMTP>>>  -- 
Net::SMTP>>>         Exporter(5.77)
Net::SMTP>>>  -- 
Net::SMTP>>>       IO::Socket::IP(0.42)
Net::SMTP>>>  -- 
Net::SMTP>>>         IO::Socket(1.52)
Net::SMTP>>>  -- 
Net::SMTP>>>           IO::Handle(1.52)
Net::SMTP>>>  -- 
Net::SMTP<<< 220 CENSORED ESMTP
Net::SMTP<<<  -- 
Net::SMTP>>> EHLO CENSORED
Net::SMTP>>>  -- 
Net::SMTP<<< 250-CENSORED
Net::SMTP<<<  -- 
Net::SMTP<<< 250-PIPELINING
Net::SMTP<<<  -- 
Net::SMTP<<< 250-SIZE 10240000
Net::SMTP<<<  -- 
Net::SMTP<<< 250-ETRN
Net::SMTP<<<  -- 
Net::SMTP<<< 250-STARTTLS
Net::SMTP<<<  -- 
Net::SMTP<<< 250-ENHANCEDSTATUSCODES
Net::SMTP<<<  -- 
Net::SMTP<<< 250-8BITMIME
Net::SMTP<<<  -- 
Net::SMTP<<< 250-DSN
Net::SMTP<<<  -- 
Net::SMTP<<< 250 CHUNKING
Net::SMTP<<<  -- 
Net::SMTP>>> STARTTLS
Net::SMTP>>>  -- 
Net::SMTP<<< 220 2.0.0 Ready to start TLS
Net::SMTP<<<  -- 
Net::SMTP>>> SSL peer verification: off
Net::SMTP>>>  -- 
Net::SMTP>>> Provide Client Certificate: off
Net::SMTP>>>  --

and /bin/configure reports "ERROR: Failed to initialize SSL with CENSORED:587 - SSL connect attempt failed error:0A0C0103:SSL routines::internal error".

The mailserver reports only:

Feb  6 16:30:39 smtp postfix/submission/smtpd[426433]: connect from CENSORED[CENSORED]
Feb  6 16:30:39 smtp postfix/submission/smtpd[426433]: SSL_accept error from CENSORED[CENSORED]: lost connection
Feb  6 16:30:39 smtp postfix/submission/smtpd[426433]: lost connection after STARTTLS from CENSORED[CENSORED]
Feb  6 16:30:39 smtp postfix/submission/smtpd[426433]: disconnect from CENSORED[CENSORED] ehlo=1 starttls=0/1 commands=1/2

Do you have any insights into what might be causing this issue and how it could be resolved? I intended to showcase Foswiki as a viable option for our local enterprise, but the current situation prevents me from demonstrating its functionality reliably.

-- LeoGalambos - 06 Feb 2024

Commenting is disabled while not logged in