Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
This module was working beautifully until Friday when our email provider turned off TLS 1.0 support and now no email will send on any port with SSL or TLS. It was working on port 587 with TLS encryption. I can't see any other settings I can change, but the settings are the same as my email, so I am presuming it's the underlying code that is still trying to use TLS 1.0, rather than 1.1 or 1.2
Can this be checked and actioned if needed ASAP please? If I have got the wrong end of the stick, please forgive me.
Comment | File | Size | Author |
---|---|---|---|
#48 | smtp_7.x-1.7-2983132-48.patch | 1.43 KB | JParkinson1991 |
#31 | smtp-tlsv1_1-2983132-31.patch | 984 bytes | wundo |
#17 | smtp-tlsv1_1-2983132-17.patch | 885 bytes | goron |
|
Comments
Comment #2
christine1126 CreditAttribution: christine1126 commentedI had same issue, it was working on port 587 with TLS encryption, our SMTP server is sendgrid, it stops working since last week.
Comment #3
christine1126 CreditAttribution: christine1126 commentedSorry, my mail issue isn't caused by TLS, our system enabled the whitelist in sendgrid, so site mail stops work.
Comment #4
cosolom CreditAttribution: cosolom commentedTry this patch https://www.drupal.org/project/smtp/issues/2295773#comment-12685360. There added some options for ssl connect. May help.
Comment #5
focal55 CreditAttribution: focal55 commentedWe experience trouble with this as well. We are using SparkPost and they sent out a notification about deprecating TLSv1.0 on July 9th although it just started effecting us today. During debugging we found a simple change in the smtp.transport.inc file can set up TLSv1.1 which Sparkpost supports. Attached is the simple patch.
Comment #6
bburg@focal55, Also using Sparkpost and running into this issue, I'll give your patch a test.
Comment #7
fpignata CreditAttribution: fpignata commented@focal55.. thank you.. the patch work here.
Comment #8
bburgHello,
Here is a patch compatible with the 8.x version of this module.
Edit: Re-queued test for 8.x.
Comment #9
bburgComment #11
bburgThis is odd, in some of my environments, STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT is an undefined constant. But it is defined in some environments. Where does this come from?
Comment #12
bburgNow I'm getting this warning:
Message Warning: stream_socket_enable_crypto() expects parameter 3 to be long, string given in Drupal\smtp\PHPMailer\SMTP->StartTLS() (line 199 of /srv/bindings/706e44ccf02148479a543d125acb8a4d/code/web/modules/contrib/smtp/src/PHPMailer/SMTP.php) #0
I don't think it's causing any specific problems, but it probably should be dealt with.
Also, anyone using the patches in #5 or #8 will also need to be sure they are using at least PHP 5.6 as that constant was not introduced until that version (does the module specify this as a dependency?).
Comment #13
JoseCarlosss CreditAttribution: JoseCarlosss commented#5 test in Sparkpost and works, thank you focal
Comment #14
zkrzyzanowski CreditAttribution: zkrzyzanowski commentedI'm unable to apply the patch from #5 since we're on php 4.4.45, which doesn't have the constant STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT defined. I hardcoded the value for that, 17, and get a success message and the following error:
Notice: Undefined variable: rply in SMTP->Quit() (line 613 of /var/www/vhosts/github/alta.bcorporation.net/sites/all/modules/contrib/smtp/smtp.transport.inc).
Mail fails to send.
Comment #15
bburg@zkrzyzanowski,
PHP 4.4 went end of life almost 10 years ago: http://php.net/eol.php. You should upgrade your PHP.
Comment #16
Steven Jones CreditAttribution: Steven Jones at ComputerMinds commentedThe patch in #5 works nicely for me. However, as others point out, you do need PHP5.6+
Also would it make sense to enable TLS v2 too:
Comment #17
goron CreditAttribution: goron commentedHere's a patch for 7.x that uses the approach from the current version of PHPMailer to use the higher version constants if available but still default to the older one if needed (so as to not causes php warnings/errors on those environments).
Comment #18
Steven Jones CreditAttribution: Steven Jones at ComputerMinds commentedPatch in #17 works a treat!
Comment #19
goron CreditAttribution: goron commentedComment #21
Greg Varga CreditAttribution: Greg Varga commentedFor everybody, who is getting the "StartTLS not supported by server or could not initiate session." error. (Sparkpost, dotMailer, etc)
Drupal 7
PHP: 5.6.7 and above inc. PHP 7.x
SMTP module: 7.x-1.7
How to fix?
- Find the smtp.transport.inc file in SMTP module.
- Go to line 200
- Update the following line so they look like this:
What happened?
- TLSv1.0 has been deprecated (https://www.sparkpost.com/docs/tech-resources/tlsv1-0-test-hostname)
but the current version of the SMTP module PHP Mailer implementation only uses TLSv1.0.
Source: https://secure.php.net/manual/en/function.stream-socket-enable-crypto.ph...
Thank you @focal55 #5 & @steven-jones #16 for the ideas.
I hope this helps someone.
Comment #22
zkrzyzanowski CreditAttribution: zkrzyzanowski commented@bburg,
I had a typo on that one, we're on 5.4.45. Upgrading isn't an option for us at the moment, as we've got a pending site launch in the next few weeks and don't have time to test everything that might break as a result of the upgrade.
Comment #23
hassan.farooq121 CreditAttribution: hassan.farooq121 commentedPatch in #5 is not working form. My config:
PHP: 5.6.32
MySQL: 5.5
module version: 7.x-1.7
Comment #24
nubeli CreditAttribution: nubeli as a volunteer commented@goron looks like you patch is for 7.x but was tested with 8.x.
Comment #25
goron CreditAttribution: goron commented@nubeli you're right. I re-queued for 7.x.
Comment #26
goron CreditAttribution: goron commentedComment #27
Steven Jones CreditAttribution: Steven Jones at ComputerMinds commented@hassan.farooq121 can you try the patch in #17.
Maintainers: the patch in #17 looks RTBC imho, but obviously this issue is still against version 8.x-1.x-dev so I'm not going to set it to RTBC.
Comment #28
wundo CreditAttribution: wundo at Chuva Inc. commentedComment #29
wundo CreditAttribution: wundo at Chuva Inc. commentedComment #30
wundo CreditAttribution: wundo at Chuva Inc. commentedMaintainer here, in case someone wants to test it, here is the PR in github for this issue: https://github.com/chuva-inc/drupal-smtp/pull/7
Comment #31
wundo CreditAttribution: wundo at Chuva Inc. commentedPort from #17 to 8.x.
PR is here: https://github.com/chuva-inc/drupal-smtp/pull/8
Comment #33
wundo CreditAttribution: wundo at Chuva Inc. commentedFixed the tests in PHP 5.* re-testing.
Comment #34
nubeli CreditAttribution: nubeli as a volunteer commentedPatch in #31 works.
Comment #36
J-LeeThe path from #31 couldn't apply to the latest dev.
This one should.
Comment #38
J-LeeMy fault. Patch #31 apply but there is another issue. Sorry
Comment #39
J-LeeSuccessfully applied patch # 31.
All tests are passed in my environment.
I put it back to RTBC.
Comment #40
wturrell CreditAttribution: wturrell as a volunteer commentedThis patch worked on a previous site, but I'm now seeing the same problem I had before:
Symptoms: 'Send test e-mail' working via Postmarkapp as intended, real emails ignoring the smtp settings and just using default PHP mail)
This is on a new site that's running PHP 7.3.4-2 (Debian 10).
Here are the values of the constants reference in the patch, if it's of any debugging use:
STREAM_CRYPTO_METHOD_TLS_CLIENT
= 9 on PHP 7.1.30 (smtp works), 57 on 7.3.4 (broken)STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
= 33 on both.I tried changing the port from 587 to 25 and turning TLS off, but that made no difference either.
Anyone else seen this yet?
Comment #41
wturrell CreditAttribution: wturrell as a volunteer commentedApologies - I wrote that late last night, and of course this issue is absolutely nothing to do with my problem (was just coincidence).
This is actually the solution (a config change is needed, currently not well documented):
#3003639: Emails don't obey module settings (even though 'Test email' works) without configuring default system.mail interface
Sorry for posting in wrong place.
Comment #44
wundo CreditAttribution: wundo at Chuva Inc. commentedComment #46
davej CreditAttribution: davej commentedThanks for this fix! Would you consider putting out a 7.x release including the fix? Would be much appreciated, as TLS v1.0 is rightly disappearing.
Comment #47
yaach CreditAttribution: yaach commentedI'm still having the similar issue.
In my case the SMTP server that I need to connect only accepts TLS1.0, and there is no way to tell them to upgrade or it will take longer.
The handshake is not working because I believe the client (Drupal site) has a higher protocol than the server.
How can I solve this?
Comment #48
JParkinson1991 CreditAttribution: JParkinson1991 commentedUpdated patch for use with 7.x-1.7. Noticed previous patch has already been applied to development branch so not included here.
Patch checks for all available
STREAM_CRYPTO_METHOD_TLS_CLIENT
constants and uses those that are found when initialising connections.Comment #49
igorski CreditAttribution: igorski commentedI can confirm that the patch in #48 works fine.