I'm running PHPMailer with OpenSSL on XAMPP on Windows.
I'm having trouble establishing TLS-encrypted SMTP connections to our mail gateway.
I've turned on SMTP transcript debugging for PHPMailer. The transcript is not super informative IMO:
[06-Feb-2019 13:48:08 timezone/redacted] SERVER -> CLIENT: 220 redactedmailserver.example.com ESMTP Postfix
[06-Feb-2019 13:48:08 timezone/redacted] CLIENT -> SERVER: EHLO redactedclientname
[06-Feb-2019 13:48:08 timezone/redacted] SERVER -> CLIENT: 250-redactedmailserver.example.com
250-SIZE 52428800
250-ETRN
250-STARTTLS
250-AUTH CRAM-MD5 PLAIN LOGIN DIGEST-MD5
250-AUTH=CRAM-MD5 PLAIN LOGIN DIGEST-MD5
250-ENHANCEDSTATUSCODES
250 8BITMIME
[06-Feb-2019 13:48:08 timezone/redacted] CLIENT -> SERVER: STARTTLS
[06-Feb-2019 13:48:08 timezone/redacted] SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
[06-Feb-2019 13:48:08 timezone/redacted] SMTP Error: Could not connect to SMTP host.
[06-Feb-2019 13:48:08 timezone/redacted] CLIENT -> SERVER: QUIT
[06-Feb-2019 13:48:08 timezone/redacted] SERVER -> CLIENT:
[06-Feb-2019 13:48:08 timezone/redacted] SMTP ERROR: QUIT command failed:
[06-Feb-2019 13:48:08 timezone/redacted] SMTP Error: Could not connect to SMTP host.
[06-Feb-2019 13:48:08 timezone/redacted] SMTP Error: Could not connect to SMTP host.
The transcript does, at least, prove that the error message is misleading; PHPMailer is successfully connecting to the SMTP server, but something is going wrong with STARTTLS. The error message and transcript give no hint as to what the specific TLS problem might be, though.
Similar symptoms are described in a closed issue on the PHPMailer Github, but the issue resolution there involved troubleshooting the connection using the OpenSSL command line client, as described in the PHPMailer troubleshooting page. This page gives some instructions on how to test the underlying OpenSSL connection outside of the PHP context, which should give details of why the connection might be failing. It says to run the following command:
echo QUIT | openssl s_client -starttls smtp -crlf -connect redactedemailserver.example.com:587
I imagine this works in bash on Linux, but I'm running XAMPP on Windows. I tried running a hopefully-equivalent PowerShell command:
echo QUIT | C:\xampp\php\extras\openssl\openssl.exe s_client -starttls smtp -crlf -connect redactedemailserver.example.com:587
But nothing seems to happen. A fresh PowerShell prompt reappears, and there is no apparent output from openssl.
I also tried running the command without the echo QUIT |. Still, nothing happened.
On Windows, what PowerShell/openssl.exe commands can I use to determine why the STARTTLS is failing?
Version numbers:
XAMPP 7.1.7 includes two copies of openssl.exe.
The copy located in C:\xampp\php\extras\openssl doesn't work. When launched from PowerShell, nothing happens. When launched from Command Prompt, an error message box appears that says The ordinal 4070 could not be located in the dynamic link library. This appears to possibly be the result of a bad build.
The copy located in C:\xampp\apache\bin, however, works as described in the PHPMailer troubleshooting guide.
So the answer to my original question is to just run the command as given in the troubleshooting guide, but using the not-broken copy of openssl.exe:
echo QUIT | C:\xampp\apache\bin\openssl.exe s_client -starttls smtp -crlf -connect redactedemailserver.example.com:587