I am trying to send mail using perl through server office 365
The operation succeed 8 times out of 10 (i.e. randomly fail in 20% of cases).
use Net::SMTPS;
my $mailer = Net::SMTPS->new("smtp.office365.com",
Port => "587",
doSSL => "starttls",
SSL_version => "TLSv1",
Debug => 4
);
...
$mailer returns as undef ;
Below is the log:
Net::SMTPS>>> Net::SMTPS(0.10)
Net::SMTPS>>> IO::Socket::IP(0.41)
Net::SMTPS>>> IO::Socket(1.48)
Net::SMTPS>>> IO::Handle(1.48)
Net::SMTPS>>> Exporter(5.73)
Net::SMTPS>>> Net::SMTP(3.13)
Net::SMTPS>>> Net::Cmd(3.13)
Net::SMTPS=GLOB(0x30816b0)<<< 220 DU2PR04CA0355.outlook.office365.com Microsoft ESMTP MAIL Service ready at Fri, 22 Oct 2021 09:15:28 0000
Net::SMTPS=GLOB(0x30816b0)>>> EHLO localhost.localdomain
Net::SMTPS=GLOB(0x30816b0)<<< 250-DU2PR04CA0355.outlook.office365.com Hello [54.77.44.87]
Net::SMTPS=GLOB(0x30816b0)<<< 250-SIZE 157286400
Net::SMTPS=GLOB(0x30816b0)<<< 250-PIPELINING
Net::SMTPS=GLOB(0x30816b0)<<< 250-DSN
Net::SMTPS=GLOB(0x30816b0)<<< 250-ENHANCEDSTATUSCODES
Net::SMTPS=GLOB(0x30816b0)<<< 250-STARTTLS
Net::SMTPS=GLOB(0x30816b0)<<< 250-8BITMIME
Net::SMTPS=GLOB(0x30816b0)<<< 250-BINARYMIME
Net::SMTPS=GLOB(0x30816b0)<<< 250-CHUNKING
Net::SMTPS=GLOB(0x30816b0)<<< 250 SMTPUTF8
Net::SMTPS=GLOB(0x30816b0)>>> STARTTLS
Net::SMTPS=GLOB(0x30816b0)<<< 220 2.0.0 SMTP server ready
DEBUG: .../IO/Socket/SSL.pm:3010: new ctx 51201296
DEBUG: .../IO/Socket/SSL.pm:1620: start handshake
DEBUG: .../IO/Socket/SSL.pm:787: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:832: not using SNI because hostname is unknown
DEBUG: .../IO/Socket/SSL.pm:864: request OCSP stapling
DEBUG: .../IO/Socket/SSL.pm:880: set socket to non-blocking to enforce timeout=120
DEBUG: .../IO/Socket/SSL.pm:894: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:897: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:907: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:917: waiting for fd to become ready: SSL wants a read first
DEBUG: .../IO/Socket/SSL.pm:937: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:894: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:897: done Net::SSLeay::connect -> 0
DEBUG: .../IO/Socket/SSL.pm:945: connection failed - connect returned 0
DEBUG: .../IO/Socket/SSL.pm:946: local error: SSL connect attempt failed because of handshake problems
DEBUG: .../IO/Socket/SSL.pm:2043: downgrading SSL only, not closing socket
DEBUG: .../IO/Socket/SSL.pm:3059: free ctx 51201296 open=51201296
DEBUG: .../IO/Socket/SSL.pm:3063: free ctx 51201296 callback
DEBUG: .../IO/Socket/SSL.pm:3070: OK free ctx 51201296
Thanks for any help
CodePudding user response:
my $mailer = Net::SMTPS->new("smtp.office365.com", ... SSL_version => "TLSv1",
For some unknown reason you are trying to enforce TLS 1.0 with SSL_version => 'TLSv1'. But some of the servers behind smtp.office365.com only support TLS 1.1 and later:
$ dig smtp.office365.com
...
SXF-efz.ms-acdc.office.com. 36 IN A 52.98.199.194
SXF-efz.ms-acdc.office.com. 36 IN A 40.101.61.130
SXF-efz.ms-acdc.office.com. 36 IN A 52.98.208.114
From these the first two support TLS 1.0, the last only TLS 1.1 and later, which means depending on which server is actually chosen the TLS handshake will succeed or fail. Note that from your perspective or at a different time you might see other IP addresses which exhibit a different behavior.
The solution is simple: stop explicitly restricting the SSL_version. In this case it will offer the best version the linked version of OpenSSL offers which since many years should be better than TLS 1.0.
Apart from that, the CORE module Net::SMTP has builtin support for TLS for several years, so there is probably no need to use Net::SMTPS (which inside uses Net::SMTP anyway).