Question
IBM India
US
Last activity: 26 Jun 2017 18:56 EDT
Email Account (Sender) TLS port issue
My System is trying to connect with email server on port 25. Recently email server enable TLS on port 25. My application is not able to connect with email server. As per Pega help TLSSTAR will work on port 587. I checked with email server team and they don't have port 587 opened for TLS...Is there any config where i can use TLSSTAR on port 25?
Accepted Solution
IBM India
US
I got my answer. it was JVM cert issue...
Pegasystems Inc.
US
Hi Samir,
Can you confirm if your mail server supports STARTTLS?
Please post your Email Account rule from screenshot and test connectivity result with Pega version?
AFAIK, one can specify the port in Pega based on the mail server protocol if it's SMTP, IMAP, SMTP(secured) or IMAPS. Not sure about in specific to starttls.
IBM India
US
Hi Harish,
Yes email server supports STARTTLS. Currently they Disable because my application is not able to connect.
Pega version 7.1.9.
Server team enable TLS on port 25 but as per below email account rule help port 25 is unsecured. I asked about port 587 to server team they said we don't have port 587.
Pegasystems Inc.
IN
Hi,
Find this article for more information on the ports generally used for SMTP: http://blog.mailgun.com/25-465-587-what-port-should-i-use/
Pegasystems Inc.
US
It's worth noting that STARTTLS and TLS are not the same thing and the rule form configuration will differ for each. So you will want to verify with your server team if the channel is secured by STARTTLS or if SSL/TLS is required.
Additionally, it's worth noting that some exchange servers might not allow communication on unsecured channels, so you may need the correct certificates installed in the application server regardless of which situation applies to you.
IBM India
US
Hi Nick,
Below is the chat with JBoss server team. If I wan to use same functionality which port 587 have in port 25 then what change is required?
Hi Nick,
Below is the chat with JBoss server team. If I wan to use same functionality which port 587 have in port 25 then what change is required?
| When opportunistic is enabled domino will send STARTTLS | |
| Pega isn't understanding that | 11:58:03 AM |
| because by the info you pasted above | 11:58:20 AM |
| It expexts starttls on the port 587 | 11:58:40 AM |
| Contact PEGA vendor | 11:58:51 AM |
This is an reply example when opportunistic TLS is enabled |
12:00:01 PM |
| S: <waits for connection on TCP port 25> C: <opens connection> S: 220 mail.example.org ESMTP service ready C: EHLO client.example.org S: 250-mail.example.org offers a warm hug of welcome S: 250 STARTTLS C: STARTTLS |
12:00:12 PM |
| It sends the word STARTTLS | 12:00:25 PM |
Pegasystems Inc.
US
It is not required for you to use port 587 with STARTTLS, it's just a recommendation.
After re-reviewing your screen shots, I see the User ID field is not populated. In Pega 7.x there is an issue where leaving that blank will cause the test connection to fail. Please try populating that field and testing again. If it is still failing, we may need to see the underlying error from the logs and potentially enable some debug.
The following article has some good setup and troubleshooting information:
https://collaborate.pega.com/discussion/troubleshooting-common-email-issues