eMail notifications not working: "Mail Error on dialing with encryption type SSL/TLS: tls: first record does not look like a TLS handshake error"

Hello,

i’m running crowdsec on my debian 11 server and it’s working great. Unfortunately I’m not able to get email notifications running.

I get those error messages: “Mail Error on dialing with encryption type SSL/TLS: tls: first record does not look like a TLS handshake error”

I’ve edited /etc/crowdsec/profiles.yaml
"notifications:

• email_default"

I’ve edited /etc/crowdsec/notifications/email.yaml with my mailserver details. (which are working fine with other services)

and restarted the crowdsec services.

I’ve also tried a different, fresh crowdsec protected server with the same results. Tried with my gmail account: same results. but I’m not able to enable “send via less secure apps”.

any tipps? Thanks!
cheers, lx

Same issue here on Raspbian.

I got it working on my end. Looks like you can do either:

smtp_port:       465
encryption_type: ssltls

Or:

smtp_port:       587
encryption_type: starttls

But not other combinations of port/encryption.

The Gmail SMTP docs say 465 is for “SSL” and 587 for “TLS/STARTTLS”.

I think the CrowdSec gmail example has a mistake, and my email.yaml template doesn’t list “starttls” as a value. I reported these issues on github (#2067).

Hey, Vimes!

thank you - same here. starttls wasn’t listed in my email.yaml template as option too.
But it’s working now - thanks for your help.

kind regards,
alex