Webmin does not support STARTTLS when sending e-mail


This issue has been reported previously on the Webmin mailing list at SourceForge (https://sourceforge.net/p/webadmin/bugs/4517/?page=1 and https://sourceforge.net/p/webadmin/discussion/600155/thread/3717d120/?li...) but none of the reports have gotten working solutions, so I thought I would report this again on the Virtualmin site as I am now experiencing this bug for myself.

We run a cluster of four Web servers, each running Webmin (and one running Virtualmin). I have Postfix configured on the Virtualmin server, and have secured it by requiring authenticated mail clients to connect to port 587 and use TLS/STARTTLS together with SASL authentication before they can send e-mail.

I am trying to configure Webmin to automatically check for and install software package updates on the four Web servers I have, and want it to send e-mail notifications when this is complete, as well as send e-mails about scheduled backups and other related tasks. On the Virtualmin server, I went into Webmin > Webmin Configuration > Sending E-mail and chose to send via the local mail server command, which worked flawlessly.

However, I haven't been able to get Webmin to send e-mail on the other three servers running only Webmin. Because there is no local mail server on those machines, I select to send via remote SMTP server from Webmin > Webmin Configuration > Sending Email, then check the "use SSL encryption" box, change the port number to 587, and put in my authentication details, selecting LOGIN as the authentication method. But when I try to send a test message, I just get "SMTP command failed."

When I send the same test but uncheck "use SSL encryption" (still on port 587), I get the following: sending failed : SMTP command mail from: virtualmin@jemediacorp.com failed : 530 5.7.0 Must issue a STARTTLS command first , line 4.

I can send e-mail in Roundcube, Apple Mail for macOS, Apple Mail for iOS, and Outlook but cannot send via Webmin.



Webmin doesn't currently support using STARTTLS to switch to SSL mode, but if the remote mail server is listening on a different port in SSL-only mode, Webmin can use that.

Thanks for your reply. Right now, for security reasons we only support STARTTLS on port 587 for authenticated SMTP clients (similar to othe services like Office365). Is it possible to add STARTTLS support into Webmin, or even set up some kind of command (via the send using local mail server command option in Webmin) to get the message sent via STARTTLS?

I'll look into adding STARTTLS support - will update this bug when it's done

Thank you, we really appreciate this and everything else you do for Virtualmin :)