Hi

I switched e-mail provider and I cant mail using their smtp server. When trying to mail I get an error stating Connection timeout. Socket read timeout. See attached screenshot

According to my provider I need to use TLS 1.2 but I cant find that option in Pegasus.

Help??

I have been using Pegasus very happily for 30 years or so, I dont really want to switch.

Harry van Horen

What port to you have Pegasus setup to use
The old standard port 25 that was the unencrypted port isn't available,
but it is showing 465 and 587 available?

nmap smtp.transip.email
Starting Nmap 7.93 ( https://nmap.org ) at 2023-09-26 20:51 ChST
Nmap scan report for smtp.transip.email (86.105.244.7)
Host is up (0.27s latency).
Other addresses for smtp.transip.email (not scanned): 2a01:7c8:e100:1::78e2
Not shown: 998 filtered tcp ports (no-response)
PORT STATE SERVICE
465/tcp open smtps
587/tcp open submission

Nmap done: 1 IP address (1 host up) scanned in 18.59 seconds

Then tried to send an email to myself, but of course it fails since don't have an account on that system, but the log file shows that it connnected fine. This is a dummy account jill, so password is not a real password..

21:14:12.205: --- 26 Sep 2023, 21:14:12.205 ---
21:14:12.206: Connect to 'smtp.transip.email', timeout 30 seconds, flags 16842753.
21:14:13.223: [] Setting SNI hostname to 'smtp.transip.email'
21:14:13.763: [] SSL/TLS session established
21:14:13.768: [] ECDHE-RSA-AES128-GCM-SHA256, TLSv1.2, Kx=ECDH, Au=RSA, Enc=AESGCM(12, Mac=AEAD<lf>
21:14:13.769: [] Peer's certificate name is '/CN=.transip.email'.
21:14:14.565: >> 220 submission8.mail.transip.nl ESMTP<cr><lf>
21:14:14.573: << EHLO [192.168.10.100]<cr><lf>
21:14:14.837: >> 250-submission8.mail.transip.nl<cr><lf>
21:14:14.838: >> 250-PIPELINING<cr><lf>
21:14:14.838: >> 250-SIZE 37033449<cr><lf>
21:14:14.838: >> 250-AUTH PLAIN LOGIN<cr><lf>
21:14:14.839: >> 250-AUTH=PLAIN LOGIN<cr><lf>
21:14:14.839: >> 250-ENHANCEDSTATUSCODES<cr><lf>
21:14:14.839: >> 250-8BITMIME<cr><lf>
21:14:14.840: >> 250 DSN<cr><lf>
21:14:14.897: << AUTH LOGIN<cr><lf>
21:14:15.163: >> 334 VXNlcm5hbWU6<cr><lf>
21:14:15.163: << amlsbA==<cr><lf>
21:14:15.438: >> 334 UGFzc3dvcmQ6<cr><lf>
21:14:15.438: << amlsbA==<cr><lf>
21:14:17.199: >> 535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6<cr><lf>
21:14:25.929: << QUIT<cr><lf>
21:14:26.194: >> 221 2.0.0 Bye<cr><lf>
21:14:26.197: [] OpenSSL secure session normally terminated.
21:14:26.198: --- Connection closed at 26 Sep 2023, 21:14:26.198. ---
21:14:26.198:

But seems to show the site does make an TLS 1.2 connection with no problem.
Didn't try the other port.

The SMTP configuration file it created is:

cat SMTDB8XO.PND

Pegasus Mail SMTP definition, 26 Sep 2023, 21:13:42

Title : jillsmtp
Type : SMTP
Flags1 : 2048
Flags2 : 0
Timeout : 30
Port : 465
Host : smtp.transip.email
Username : jill
Password : SEED$31143:"]#i="
Mailbox :
SSLMode : 2
Max_Msgs : 0

So, if you have a file in your mail directory, what does it have.
Note: Change the password line or remove it. In this case it is a dummy line, so didn't matter.

Hi

thank you for your reply.

I set up the smtp as they instructed me, with port 465, and that didnt work. They didnt tell me about the authentication, so I'm going to try that now.

Harry

Hi

thank you very much... it is now working perfectly.

Harry

I have the same problem .. running PMAIL 4.41 for years, but now it stopped working, as my mail provider requires TLS 1.2 ..

Can I keep using my existing PMAIL 4.41 installation, or do I need to update to PMAIL 4.80 for TLS 1.2 support?

I would recommend upgrading to the 4.81pb3 version. I've always upgraded to each new version, so not sure if there would be any issues going 4.41 to 4.81, but wouldn't expect any issues. It should take everything. One Issue with 4.80 was that locally added words to spelling checker were getting wiped out, and new words adding didn't work. So good to have a backup with the usrdict5.pmd (or usrdict3.pmd for older version). Can copy a usrdict3.pmd to usrdict5.pmd since they have same format.

As a side note: It is possible to upgrade the TLS connection by using stunnel with Pegasus.
Install and setup the system to have Pegasus connect to ISP using the Stunnel..

My stunnel.conf setup for my local ISP
[guampop]
client=yes
accept = 127.0.0.1:20996
connect = mail.guam.net:995
debug = 7
verifyChain = yes
CApath = /etc/ssl/certs
checkHost = mail.guam.net
OCSPaia = yes

[guamsmtp]
client=yes
accept = 127.0.0.1:20466
connect = smtp1.guam.net:465
debug = 7
verifyChain = yes
CApath = /etc/ssl/certs
checkHost = smtp1.guam.net
OCSPaia = yes

One then sets up the Pegasus POP3 and SMTP to connect to the local ports, and stunnel uses the openssl to connect using the TLS. So, Pegasus thinks the connection is not encrypted, but the stunnel handles the TLS connection using higher levels. I use the linux version, but the windows version should be same.