Announcement

Collapse
No announcement yet.

Can HS4 Pro use STARTTLS for SMTP submissions?

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Can HS4 Pro use STARTTLS for SMTP submissions?

    I just realized I have not been getting any of my normal emails from my HomeSeer server since late May. I checked my SMTP config and found I had an old server name no longer in use by outlook.com. I updated it, but it looks like STARTTLS may not be being used which is required.

    Exception sending email via smtp.office365.com (To:user@outlook.com, cc:, bcc:, Sub:[HS3]: Garage Mud Door Lock Status Change, Attach = Authenticate as SSL client failed. You might be connecting to non SSL port.

    The following are the SMTP server settings for Outlook.com / Office 365

    Server name: smtp.office365.com
    Port: 587
    Encryption method: STARTTLS

    HS4 (and HS3 before it) have the "Use SSL" checkbox in email setup, but that doesn't seem to help. Is that checkbox trying to force connections to TCP:465?

    Any ideas here or do we need to file a feature request for STARTTLS?
    Tags: None
    #2
    I went and opened a help center item on this.

    Comment

      #3
      Smtp using STARTTLS does use port 465. Imap uses port 993 if configured to use STARTTLS.
      HS3PRO 3.0.0.500 as a Fire Daemon service, Windows 2016 Server Std Intel Core i5 PC HTPC Slim SFF 4GB, 120GB SSD drive, WLG800, RFXCom, TI103,NetCam, UltraNetcam3, BLBackup, CurrentCost 3P Rain8Net, MCsSprinker, HSTouch, Ademco Security plugin/AD2USB, JowiHue, various Oregon Scientific temp/humidity sensors, Z-Net, Zsmoke, Aeron Labs micro switches, Amazon Echo Dots, WS+, WD+ ... on and on.

      Comment

        #4
        My attempt to use the help center ended with HomeSeer being unwilling to attempt a repro and just telling me to use Gmail. My experience is attached. 😕☹
        Attached Files

        Comment

          #5
          I'm using O365 hosted mailbox without MFA and my email is working with these settings:

          Click image for larger version Name: SMTP Settings.PNG Views: 0 Size: 28.8 KB ID: 1410698
          HS4 Pro Edition 4.2.5.0 running on Lenovo ThinkCenter & Debian Linux
          Plugins: Z-Wave (via Nortek USB stick
          Home Assistant 2021.10.6 running on HA "Blue" ODROID-N2
          Add-ons: Android Debug Bridge, Duck DNS, ESPHome, File Editor, Glances, HA Google Drive Backup, InfluxDB, Log Viewer, MariaDB, Mosquitto broker, NGINX SSL Proxy, Node-RED, Portainer, SSH & Web Terminal, Samba, TasmoAdmin, UniFi Controller, Visual Studio Code, WireGuard, Zigbee2mqtt, Z-Wave JS to MQTT
          Integrations: AccuWeather, Alexa Media Player, Glances, Google Nest, HACS, HomeSeer, Insteon, IPP, Life360, Local IP, Logitech Harmony Hub, Mobile App, MQTT, My Garage, OpenWeather, Spotify, Tuya Local. Ubiquiti UniFi, Z-Wave JS
          Insteon: 2413S Dual Band PLM
          Zigbee: zzh! CC2652R Rev A
          Z-Wave: RaZberry daughtercard on RPi 1B via ser2net

          Comment

            #6
            All because mail is being attempted on port 587 does not mean it's secure, it simply means STARTTLS negotiation can happen. Unless one checks the "Use SSL" box, your email is more than likely being transferred in the clear.

            Comment

              #7
              Originally posted by TC1 View Post
              All because mail is being attempted on port 587 does not mean it's secure, it simply means STARTTLS negotiation can happen. Unless one checks the "Use SSL" box, your email is more than likely being transferred in the clear.
              Click image for larger version Name: 365 SMTP settings.PNG Views: 0 Size: 51.2 KB ID: 1410726
              HS4 Pro Edition 4.2.5.0 running on Lenovo ThinkCenter & Debian Linux
              Plugins: Z-Wave (via Nortek USB stick
              Home Assistant 2021.10.6 running on HA "Blue" ODROID-N2
              Add-ons: Android Debug Bridge, Duck DNS, ESPHome, File Editor, Glances, HA Google Drive Backup, InfluxDB, Log Viewer, MariaDB, Mosquitto broker, NGINX SSL Proxy, Node-RED, Portainer, SSH & Web Terminal, Samba, TasmoAdmin, UniFi Controller, Visual Studio Code, WireGuard, Zigbee2mqtt, Z-Wave JS to MQTT
              Integrations: AccuWeather, Alexa Media Player, Glances, Google Nest, HACS, HomeSeer, Insteon, IPP, Life360, Local IP, Logitech Harmony Hub, Mobile App, MQTT, My Garage, OpenWeather, Spotify, Tuya Local. Ubiquiti UniFi, Z-Wave JS
              Insteon: 2413S Dual Band PLM
              Zigbee: zzh! CC2652R Rev A
              Z-Wave: RaZberry daughtercard on RPi 1B via ser2net

              Comment

                #8
                I'm not sure what the above information is suppose to prove?

                Comment

                  #9
                  Hmm. smtp-mail.outlook.com is what I was using before and it stopped working, which is why I found an article saying to switch to outlook.office365.com. I'll switch back and see if it works

                  Comment

                    #10
                    I just finished setting up MFA on my account and HS can still send email using my settings above...
                    HS4 Pro Edition 4.2.5.0 running on Lenovo ThinkCenter & Debian Linux
                    Plugins: Z-Wave (via Nortek USB stick
                    Home Assistant 2021.10.6 running on HA "Blue" ODROID-N2
                    Add-ons: Android Debug Bridge, Duck DNS, ESPHome, File Editor, Glances, HA Google Drive Backup, InfluxDB, Log Viewer, MariaDB, Mosquitto broker, NGINX SSL Proxy, Node-RED, Portainer, SSH & Web Terminal, Samba, TasmoAdmin, UniFi Controller, Visual Studio Code, WireGuard, Zigbee2mqtt, Z-Wave JS to MQTT
                    Integrations: AccuWeather, Alexa Media Player, Glances, Google Nest, HACS, HomeSeer, Insteon, IPP, Life360, Local IP, Logitech Harmony Hub, Mobile App, MQTT, My Garage, OpenWeather, Spotify, Tuya Local. Ubiquiti UniFi, Z-Wave JS
                    Insteon: 2413S Dual Band PLM
                    Zigbee: zzh! CC2652R Rev A
                    Z-Wave: RaZberry daughtercard on RPi 1B via ser2net

                    Comment

                      #11
                      Originally posted by dbrunt View Post
                      I just finished setting up MFA on my account and HS can still send email using my settings above...
                      I can send a mail as well if Use SSL is unchecked. Check it and it fails.

                      I'm doing some network tracing now and even with use SSL unchecked it appears HS4 is going through a TLS handshake with the server. This check-box may actually be trying to force a downgrade from TLS to actual SSL in the most raw meaning of protocols themselves. Usually when you see a "Use SSL" type of checkbox it means "use encryption" since the masses tend to equate SSL as meaning encrypted. Still reading traces...

                      Comment

                        #12
                        Originally posted by scorp508 View Post

                        I can send a mail as well if Use SSL is unchecked. Check it and it fails.

                        I'm doing some network tracing now and even with use SSL unchecked it appears HS4 is going through a TLS handshake with the server. This check-box may actually be trying to force a downgrade from TLS to actual SSL in the most raw meaning of protocols themselves. Usually when you see a "Use SSL" type of checkbox it means "use encryption" since the masses tend to equate SSL as meaning encrypted. Still reading traces...
                        Office 365 SMTP doesn't use SSL, only STARTTLS (TLS 1.2)...
                        https://docs.microsoft.com/en-us/exc...-or-office-365

                        Click image for larger version Name: Office 365 SMTP Options.PNG Views: 484 Size: 41.6 KB ID: 1410758
                        HS4 Pro Edition 4.2.5.0 running on Lenovo ThinkCenter & Debian Linux
                        Plugins: Z-Wave (via Nortek USB stick
                        Home Assistant 2021.10.6 running on HA "Blue" ODROID-N2
                        Add-ons: Android Debug Bridge, Duck DNS, ESPHome, File Editor, Glances, HA Google Drive Backup, InfluxDB, Log Viewer, MariaDB, Mosquitto broker, NGINX SSL Proxy, Node-RED, Portainer, SSH & Web Terminal, Samba, TasmoAdmin, UniFi Controller, Visual Studio Code, WireGuard, Zigbee2mqtt, Z-Wave JS to MQTT
                        Integrations: AccuWeather, Alexa Media Player, Glances, Google Nest, HACS, HomeSeer, Insteon, IPP, Life360, Local IP, Logitech Harmony Hub, Mobile App, MQTT, My Garage, OpenWeather, Spotify, Tuya Local. Ubiquiti UniFi, Z-Wave JS
                        Insteon: 2413S Dual Band PLM
                        Zigbee: zzh! CC2652R Rev A
                        Z-Wave: RaZberry daughtercard on RPi 1B via ser2net

                        Comment

                          #13
                          Originally posted by dbrunt View Post
                          Office 365 SMTP doesn't use SSL, only STARTTLS (TLS 1.2)
                          Correct.

                          In the end this may just be an odd UI choice compared to most products that threw me down a wild goose chase.

                          I'd suggest something like "Force SSL instead of TLS" rather than a simple "Use SSL". That terminology typically means "use encryption" to the masses. Still annoyed they wouldn't even attempt a repro and threw out GMail as an answer.


                          Sent from my iPhone using Tapatalk

                          Comment

                            #14
                            I hear ya...
                            HS4 Pro Edition 4.2.5.0 running on Lenovo ThinkCenter & Debian Linux
                            Plugins: Z-Wave (via Nortek USB stick
                            Home Assistant 2021.10.6 running on HA "Blue" ODROID-N2
                            Add-ons: Android Debug Bridge, Duck DNS, ESPHome, File Editor, Glances, HA Google Drive Backup, InfluxDB, Log Viewer, MariaDB, Mosquitto broker, NGINX SSL Proxy, Node-RED, Portainer, SSH & Web Terminal, Samba, TasmoAdmin, UniFi Controller, Visual Studio Code, WireGuard, Zigbee2mqtt, Z-Wave JS to MQTT
                            Integrations: AccuWeather, Alexa Media Player, Glances, Google Nest, HACS, HomeSeer, Insteon, IPP, Life360, Local IP, Logitech Harmony Hub, Mobile App, MQTT, My Garage, OpenWeather, Spotify, Tuya Local. Ubiquiti UniFi, Z-Wave JS
                            Insteon: 2413S Dual Band PLM
                            Zigbee: zzh! CC2652R Rev A
                            Z-Wave: RaZberry daughtercard on RPi 1B via ser2net

                            Comment

                              #15
                              see this thread for the latest

                              https://forums.homeseer.com/forum/ho...got-it-to-work
                              Mark

                              HS3 Pro 4.2.19.5
                              Hardware: Insteon Serial PLM | AD2USB for Vista Alarm | HAI Omnistat2 | 1-Wire HA7E | RFXrec433 | Dahua Cameras | LiftMaster Internet Gateway | Tuya Smart Plugs
                              Plugins: Insteon (mine) | Vista Alarm (mine) | Omnistat 3 | Ultra1Wire3 | RFXCOM | HS MyQ | BLRadar | BLDenon | Tuya | Jon00 Charting | Jon00 Links
                              Platform: Windows Server 2022 Standard, i5-12600K/3.7GHz/10 core, 16GB RAM, 500GB SSD

                              Comment

                              Previous template Next
                              Working...
                              X