With release of SwyxWare/Netphone 12.41 also changes to the SMTP module became necessary to implement the current security requirements.
Therefore the module now reacts differently with regard to previously working configurations in connection with the email server used.
Support of extended authentication mechanisms:
If the mail server supports special authentication mechanisms, such as
it can happen that the authentication basically works, but the TLS connection is directly terminated by the mail server. Here, different implementations of the various mechanisms and the expected responses, do not seem to match.
-> If you are experiencing such problems, please contact support via your reseller or distributor.
Support of "unauthenticated connections
If you have not authenticated via username/password in the mail server, but SMTP authentication has been activated in SwyxWare/Netphone (username and password are empty), no login to the mail server is possible.
So here is either:
- Deactivate SMTP authentication
- You enter a username and password if SMTP authentication is desired
Certificate problems during the establishment of an encrypted connection
The SMPT module now checks the validity of the server certificate in relation to the configured server name or FQDN by default. If a self-signed certificate is used for the specified mail server or the mail provider uses a certificate whose root certificate is not available in the Windows certificate store, the encrypted connection cannot be established.
Note: Firefox and other browsers use their own CA store and therefore have a different selection of root certificates than Windows. Therefore, testing the mail provider by accessing it via the browser can be misleading!
The SMTP module only accesses the Windows certificate store. In such a case, you must manually load the respective root certificate into the Windows store.
If this is not possible, it is possible to deactivate this certificate handling or the certificate chain check in the expert settings in the SCC (SwyxControlCenter):
SecurIty level 0 can be set here. Thereby the certificate handling will be ignored. A restart of the services after changing this value is recommended:
ATTENTION: SECURITY LEVEL 0 COMPLETELY DEACTIVATES CERTIFICATE VERIFICATION: SUBSEQUENTLY, THE ENCRYPTED CONNECTION IS NO LONGER CONSIDERED SECURE AND THIS SOLUTION OPTION IS THEREFORE NOT RECOMMENDED!
Article is closed for comments.