HOWTO - get SMF to work with a secure SMTP server that requires a STARTTLS cmd

Started by mr.v., July 03, 2007, 08:28:31 PM

Previous topic - Next topic

mr.v.

SMF Version: SMF 1.1.2
Hi all--

This post is less of a question and more of a HOWTO.

Anyway, I had a thread earlier asking how I could connect with an SMTP server that required TLS. Anyway, I could never get it working. I had tried tls://my.server.name but it didn't work. It kept complaining: 2: fsockopen() [<a href='function.fsockopen'>function.fsockopen</a>]: SSL operation failed with code 1. OpenSSL Error messages:
error:1408F10B:SSL routines:func(143):reason(267)
File: /var/www/journal_club/Sources/Subs-Post.php
Line: 973


Anyway, my SMTP provider (my university) requires TLS to work with the server. It also requires a STARTTLS command to be issued first.

To solve this problem I did the following:
Under Admin | Server Settings | Feature Configuration

1) changed mail type to SMTP

2) changed SMTP server to my.smtp.server
note you must NOT put in tls:// first. just leave it without the protocol type. For instance use: hxxp:smtp.hello.org [nonactive] not tls://smtp.hello.org or ssl://smtp.hello.org or any other stuff://
2) Changed SMTP port to the SMTP server port (for me it's still 25 .. other's use 587 etc etc. Change this to your server's port)
3) entered in <username> and then entered <password> twice

Then you have to modify the file Sources/Subs-Post.php:

Scroll down until you see the line (~line 945): function smtp_mail($mail_to_array, $subject, $message, $headers)

in there you should see the following if block: if ($modSettings['mail_type'] == 1 && $modSettings['smtp_username'] != '' && $modSettings['smtp_password'] != '')
        {
                // !!! These should send the CURRENT server's name, not the mail server's!

                // EHLO could be understood to mean encrypted hello...
                if (server_parse('EHLO ' . $modSettings['smtp_host'], $socket, null) == '250')
                {
                        if (!server_parse('AUTH LOGIN', $socket, '334'))
                                return false;
                        // Send the username and password, encoded.
                        if (!server_parse(base64_encode($modSettings['smtp_username']), $socket, '334'))
                                return false;
                        // The password is already encoded ;)
                        if (!server_parse($modSettings['smtp_password'], $socket, '235'))
                                return false;
                }
                elseif (!server_parse('HELO ' . $modSettings['smtp_host'], $socket, '250'))
                        return false;
        }


We have to modify that to add a STARTTLS command and begin TLS encryption on socket. The if block should be replaced with this:if ($modSettings['mail_type'] == 1 && $modSettings['smtp_username'] != '' && $modSettings['smtp_password'] != '')
        {
                // !!! These should send the CURRENT server's name, not the mail server's!

                // EHLO could be understood to mean encrypted hello...
                if (server_parse('EHLO ' . $modSettings['smtp_host'], $socket, null) == '250')
                {
                        //STARTTLS
                        server_parse('STARTTLS', $socket, null);
                        stream_socket_enable_crypto($socket,true,STREAM_CRYPTO_METHOD_TLS_CLIENT);
                        server_parse('EHLO ' . $modSettings['smtp_host'],$socket,null);

                        if (!server_parse('AUTH LOGIN', $socket, '334'))
                                return false;
                        // Send the username and password, encoded.
                        if (!server_parse(base64_encode($modSettings['smtp_username']), $socket, '334'))
                                return false;
                        // The password is already encoded ;)
                        if (!server_parse($modSettings['smtp_password'], $socket, '235'))
                                return false;
                }
                elseif (!server_parse('HELO ' . $modSettings['smtp_host'], $socket, '250'))
                        return false;
        }


Have it send a STARTTLS, then begin the TLS socket encryption, then send another EHLO, before the AUTH line begins.

Now it should work!
Hope this helps someone else!


GoofyX

... Morpheus: What is "real"? How do you define "real"? If you 're talking about what you can feel, what you can smell, what you can taste and see, then "real" is simply electrical signals interpreted by your brain...

Eammeny

OMG thank you. I use SMF 2.0 RC2 and this was a life saver. I've been trying to figure this out for DAYS! I think this should be a sticky since it took me a while to find this via google search...
ANYWAYS.... I am using MSN's live mail instead of gmail but the problem and solution is/was the same. This worked perfectly. Although, when I use a testmail.php script, it still won't send. Tough cookies I guess because my board is sending emails fine. Hope this helps others looking to try this on other versions of SMF

Alex4108

Not intentionally bumping an ancient topic, BUT

These needs to be added to some sort of documentation.  Really high end work here!  Could save tons of people who are forced to use Gmail/yahoo/hotmail as their SMTP

~ Confirmed working on 2.0 RC5

metalmaragato


complete_noob

I am not able to get this to work.  I am trying it with gmail.
No idea what I'm doing wrong but I made the code changes listed above


Mail configuration:
type=SMTP
server=smtp.gmail.com
port=587 (also tried 25, 2525, and 465)

Here is the error:
2: fsockopen() [<a href='function.fsockopen'>function.fsockopen</a>]: unable to connect to hxxp:smtp.gmail.com [nonactive]:587 (Connection timed out)File: [REMOVED]/Subs-Post.php
Line: 1332

KathyT

Did not work for me either.  The error log reads :   

Couldn't get mail server response codes


I hope someone can help me because this has been an ongoing issue that is costing me a lot of time and members. 

Illori

please start a separate thread for your issue, this thread belongs to someone else and is marked solved.

MicroGuy

This worked for me with Amazon SES. I think this should be included code in all future SMF releases.

lepidas


Irisado

Great to read that it has worked for you :).  On that note though, given the age of this topic, and the sizeable gaps between posts, it can be put to bed now.
Soñando con una playa donde brilla el sol, un arco iris ilumina el cielo, y el mar espejea iridescentemente

Advertisement: