Tor Houghton

12/04/2021, 12:18 AM
Another thing I am pondering is how best to debug the SMTP connection. tcpdump shows me the dns lookup, and a connection to the correct port (465) but the server itself (exim) gives me a "TLS error on connection from <host/ip> SSL_accept: TCP connection closed by peer", while fleetdm pops up a "sending mail: could not dial smtp host: SMTP connection error" which suggests that the "dial deadline" has been reached.


12/04/2021, 1:31 AM
What do you get if you 
curl -vv smtp://<host>:<port>
 from the host running your Fleet server?
Does your server perhaps try to negotiate a TLS connection immediately rather than using STARTTLS?

Tor Houghton

12/04/2021, 10:15 PM
When you put it that way .. 🙂 -- changed the port 25 and .. STARTTLS was triggered (X=TLS1.3:AEAD-CHACHA20-POLY1305-SHA256:256); I've been too used to forcing (mobile) clients to use TLS direct. Again, thanks!
🎉 1
🍻 1