Announcement

Collapse
No announcement yet.

Can HS4 Pro use STARTTLS for SMTP submissions?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Can HS4 Pro use STARTTLS for SMTP submissions?

    I just realized I have not been getting any of my normal emails from my HomeSeer server since late May. I checked my SMTP config and found I had an old server name no longer in use by outlook.com. I updated it, but it looks like STARTTLS may not be being used which is required.

    Exception sending email via smtp.office365.com (To:user@outlook.com, cc:, bcc:, Sub:[HS3]: Garage Mud Door Lock Status Change, Attach = Authenticate as SSL client failed. You might be connecting to non SSL port.

    The following are the SMTP server settings for Outlook.com / Office 365

    Server name: smtp.office365.com
    Port: 587
    Encryption method: STARTTLS

    HS4 (and HS3 before it) have the "Use SSL" checkbox in email setup, but that doesn't seem to help. Is that checkbox trying to force connections to TCP:465?

    Any ideas here or do we need to file a feature request for STARTTLS?

    #2
    I went and opened a help center item on this.

    Comment


      #3
      Smtp using STARTTLS does use port 465. Imap uses port 993 if configured to use STARTTLS.
      HS3PRO 3.0.0.500 as a Fire Daemon service, Windows 2016 Server Std Intel Core i5 PC HTPC Slim SFF 4GB, 120GB SSD drive, WLG800, RFXCom, TI103,NetCam, UltraNetcam3, BLBackup, CurrentCost 3P Rain8Net, MCsSprinker, HSTouch, Ademco Security plugin/AD2USB, JowiHue, various Oregon Scientific temp/humidity sensors, Z-Net, Zsmoke, Aeron Labs micro switches, Amazon Echo Dots, WS+, WD+ ... on and on.

      Comment


        #4
        My attempt to use the help center ended with HomeSeer being unwilling to attempt a repro and just telling me to use Gmail. My experience is attached. 😕☹
        Attached Files

        Comment


          #5
          I'm using O365 hosted mailbox without MFA and my email is working with these settings:

          Click image for larger version  Name:	SMTP Settings.PNG Views:	0 Size:	28.8 KB ID:	1410698

          Comment


            #6
            All because mail is being attempted on port 587 does not mean it's secure, it simply means STARTTLS negotiation can happen. Unless one checks the "Use SSL" box, your email is more than likely being transferred in the clear.

            Comment


              #7
              Originally posted by TC1 View Post
              All because mail is being attempted on port 587 does not mean it's secure, it simply means STARTTLS negotiation can happen. Unless one checks the "Use SSL" box, your email is more than likely being transferred in the clear.
              Click image for larger version  Name:	365 SMTP settings.PNG Views:	0 Size:	51.2 KB ID:	1410726

              Comment


                #8
                I'm not sure what the above information is suppose to prove?

                Comment


                  #9
                  Hmm. smtp-mail.outlook.com is what I was using before and it stopped working, which is why I found an article saying to switch to outlook.office365.com. I'll switch back and see if it works

                  Comment


                    #10
                    I just finished setting up MFA on my account and HS can still send email using my settings above...

                    Comment


                      #11
                      Originally posted by dbrunt View Post
                      I just finished setting up MFA on my account and HS can still send email using my settings above...
                      I can send a mail as well if Use SSL is unchecked. Check it and it fails.

                      I'm doing some network tracing now and even with use SSL unchecked it appears HS4 is going through a TLS handshake with the server. This check-box may actually be trying to force a downgrade from TLS to actual SSL in the most raw meaning of protocols themselves. Usually when you see a "Use SSL" type of checkbox it means "use encryption" since the masses tend to equate SSL as meaning encrypted. Still reading traces...

                      Comment


                        #12
                        Originally posted by scorp508 View Post

                        I can send a mail as well if Use SSL is unchecked. Check it and it fails.

                        I'm doing some network tracing now and even with use SSL unchecked it appears HS4 is going through a TLS handshake with the server. This check-box may actually be trying to force a downgrade from TLS to actual SSL in the most raw meaning of protocols themselves. Usually when you see a "Use SSL" type of checkbox it means "use encryption" since the masses tend to equate SSL as meaning encrypted. Still reading traces...
                        Office 365 SMTP doesn't use SSL, only STARTTLS (TLS 1.2)...
                        https://docs.microsoft.com/en-us/exc...-or-office-365

                        Click image for larger version

Name:	Office 365 SMTP Options.PNG
Views:	0
Size:	41.6 KB
ID:	1410758

                        Comment


                          #13
                          Originally posted by dbrunt View Post
                          Office 365 SMTP doesn't use SSL, only STARTTLS (TLS 1.2)
                          Correct.

                          In the end this may just be an odd UI choice compared to most products that threw me down a wild goose chase.

                          I'd suggest something like "Force SSL instead of TLS" rather than a simple "Use SSL". That terminology typically means "use encryption" to the masses. Still annoyed they wouldn't even attempt a repro and threw out GMail as an answer.


                          Sent from my iPhone using Tapatalk

                          Comment


                            #14
                            I hear ya...

                            Comment

                            Working...
                            X