Error when trying to send alert notification via email

Hello!

My setup:

CentOS 7
Graylog version: 4.1.2+20cd592, codename *Noir*
Java version: openjdk version 1.8.0_292

The error is like this:

Error: Notification has email recipients and is triggered, but sending emails failed. Sending the email to the following server failed : FQDN:25

The Graylog server encountered an error while trying to send an email. This is the detailed error message: org.apache.commons.mail.EmailException: Sending the email to the following server failed : FQDN:25 (javax.mail.MessagingException: Could not convert socket to TLS; nested exception is: javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake)

Researching and googling showed that it’s javamail’s problem: apparently it uses TLS 1.1 by default which is prohibited by the mail server.

So, here’s the question: How do I make it use only 1.2 and higher? What’s the most correct way from Graylog’s point of view?

Thanks.

Try to use parameter:
enabled_tls_protocols = TLSv1.2

https://docs.graylog.org/en/4.1/pages/upgrade/graylog-4.1.html#tls-changes
https://docs.graylog.org/en/4.1/pages/configuration/server.conf.html#others

Funny thing, it turned out to be the other way around. It was the mail server that didn’t support TLS 1.2. not Javamail. So when Graylog tried to send an email using 1.2 version it just couldn’t negotiate.

Nevertheless, the parameter helped to find the root of the problem. Thanks!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.