SMTP decryption issue

Hi,

I have some weird issue to sending emails over 587 port.

19:18:03 XX@XXXX.eu [SMTP]  MailClient.Accounts.SocketException: Sending messages failed due to the following reason:
19:18:03     “The decryption operation failed, see inner exception.”
19:18:03    at MailClient.Protocols.Smtp.SmtpSendCommand.Execute(WorkerStatus status)
19:18:03    at MailClient.Commands.Command.Process(WorkerStatus status)

It pops out occasionally, sometimes it’s working, but sometimes not. Tried with some config changes, disabled FW/AV, all the same.

openssl can connect to server.

Any ideas?

First thing to check is that you have the correct security policy for port 587.  Change that to Force usage of SSL/TLS and see if there is any difference.

Hi, did all the settings available (SSL/TLS, Force) and when it’s not working it’s not working. Legacy throws different error (I guess they do not support it). Is there any chance to increase logging output in emClient?

There are only three combinations that work:

Port 587 = Force usage of SSL/TLS
Port 25 = Use SSL/TLS if available
Port 465 = Use SSL/TLS on special port (legacy)

Port 587 is the most secure, and port 465 should no longer be used for SMTP though I think many providers are just to lazy or scared to remove the port from their servers. ;-) 

You did not say who the email provider is. Maybe it is a know issue with them.

unas.hitrost.net

I’ve checked all mentioned combination of ports with them, right now it’s working with 587 Use SSL/TLS if available. Then, out of no reason, it will stop working and the error above will occour.

telnet/openssl both works when it can’t send, so network connection to their server is established…

thx

Yes because the security policy is incorrect. For port 587 it must be Force usage of SSL/TLS.

Something else you can try is to disable your anti-virus application and see if sending  works without a problem.

I will put Force setup and we will see. FW/AV were disabled too and nothing different. Does your app put some port rules in FW setup?

You can write to eM Client and ask, but as far as I know the applications does not alter the firewall at all.

Well, I thought this is eM Client’s forum?

Yes, this is the eM Client forum, but it is a user supported forum. As per the agreement you accepted when installing and registering a Free License, support from the company is not to be expected here. Employees do comment occasionally on major issues, by it is not guaranteed.

It is unlikely any user commenting on this forum will have the kind of information you require, so if you need specific technical information, it will be better to write to eM Client Inc. for details. If you have a Pro License, you can also open a support ticket.

Yeah, no problem, we installed it and we want to go pro, but w/o this issues if they are happening on client side. We want to exclude client from this.

It’s happening today too:

17:28:33 xxx1@ [SMTP]  Sending messages
17:28:33 xxx2@ [SMTP]  MailClient.Accounts.SocketException: Sending messages failed due to the following reason:
17:28:33     “The decryption operation failed, see inner exception.”
17:28:33    at MailClient.Protocols.Smtp.SmtpSendCommand.Execute(WorkerStatus status)
17:28:33    at MailClient.Commands.Command.Process(WorkerStatus status)
17:28:33 xxx1@[SMTP]  MailClient.Accounts.SocketException: Sending messages failed due to the following reason:
17:28:33     “Unable to write data to the transport connection: An existing connection was forcibly closed by the remote host.”
17:28:33    at MailClient.Protocols.Smtp.SmtpSendCommand.Execute(WorkerStatus status)
17:28:33    at MailClient.Commands.Command.Process(WorkerStatus status)

I’ve put “Force SSL…”, the result is the same.

Telnet is working, so I think client has connection with the server, so I guess this isn’t because of FW/AV (I can disable them and test again, but I already did it several times before).

What is “inner exception”??

What can we do?

I think you need to contact the server admin as there may be some configuration that can be changed.