Emails cannot be sent via mail server due to wrong TLS connection

Hey friends, I want to create Email notifications. In the server conf I added everything necessary.

# Email transport
transport_email_enabled = true
transport_email_hostname = mail.exempel.intern
transport_email_port = 587
transport_email_use_auth = true
transport_email_auth_username = greylog@exemple.intern
transport_email_auth_password = ***
transport_email_from_email = greylog.notification@exemple.de
transport_email_socket_connection_timeout = 30s
transport_email_socket_timeout = 30s

# Encryption settings
#
# ATTENTION:
#    Using SMTP with STARTTLS *and* SMTPS at the same time is *not* possible.

# Use SMTP with STARTTLS, see https://en.wikipedia.org/wiki/Opportunistic_TLS
transport_email_use_tls = true

# Use SMTP over SSL (SMTPS), see https://en.wikipedia.org/wiki/SMTPS
# This is deprecated on most SMTP services!
#transport_email_use_ssl = true

*I had to censor the real mail and auth

  • The firewall is ÔÇťopenÔÇŁ for the port on udp and tcp
  • a ping to the mail-server is successfully
  • the password and all names and mails are correct

The logs from graylog say:

**Error:** Notification has email recipients and is triggered, but sending emails failed. Sending the email to the following server failed : mail.exemple.intern:587

and the logs from the mail-server

Eine TLS 1.2-Verbindungsanforderung wurde von einer Remoteclientanwendung empfangen, aber keine der Verschl├╝sselungssammlungen, die von der Clientanwendung unterst├╝tzt werden, wird vom Server unterst├╝tzt. Fehler bei der TLS-Verbindungsanforderung.

in english

A TLS 1.2 connection request was received from a remote client application, but none of the encryption collections supported by the client application are supported by the server. TLS connection request error

I tried to change

# The allowed TLS protocols for system wide TLS enabled servers. (e.g. message inputs, http interface)
# Setting this to an empty value, leaves it up to system libraries and the used JDK to chose a default.
# Default: TLSv1.2,TLSv1.3  (might be automatically adjusted to protocols supported by the JDK)
enabled_tls_protocols = TLSv1.2,TLSv1.3

to

# The allowed TLS protocols for system wide TLS enabled servers. (e.g. message inputs, http interface)
# Setting this to an empty value, leaves it up to system libraries and the used JDK to chose a default.
# Default: TLSv1.2,TLSv1.3  (might be automatically adjusted to protocols supported by the JDK)
enabled_tls_protocols = TLSv1.2

but nothing changed .
After every new config change i restarted Graylog

Greetings
and Thanks for your Help
Marvin

Hey @Marvin1

Does this look something like your issue?

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.