TLS Connection Error SendMail tls: first record does not look like a TLS handshake

I created an IAM User with SES access for SMTP in AWS. Even the test email fails with the following error.

{“level”:“error”,“ts”:1557817125.2576823,“caller”:“web/context.go:52”,“msg”:“Connection unsuccessful: SendMail: Failed to open TLS connection, tls: first record does not look like a TLS handshake”,“path”:"/api/v4/email/test",“request_id”:“XXXnpxm97ffhzp9cgixiXXXXX”,“ip_addr”:“157.37.133.140”,“user_id”:"",“method”:“POST”,“err_where”:“testEmail”,“http_code”:500,“err_details”:""}

Enabled SMTP Auth is set to true
SMTP server: email-smtp.us.east-1.amazonaws.com
SMTP port: 587
SMTP username: User access_key
SMTP Password: secret_key
Connection is TLS

iam policy attached is

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ses:SendEmail",
                "ses:SendRawEmail"
            ],
            "Resource": "*"
        }
    ]
}

Mattermost Versions Test: 5.10, 5.9.1

Hi @marutinandanpandya,

Wondering if this previous thread might help: [solved] TLS Connection Error SendMail Failed to Open TLS - on SES Amazon SMTP credentials in Config/Mattermost JSON?

Nope. Already saw that.
As the person mentioned he was testing with the wrong creds and fixing the creds solved the issue.

Same is not the case here, I created the IAM User specifically with SES access and yet the issue. (Also tried sending emails with user having administrative access, yet the same issue)

Hi @marutinandanpandya, can you try using port 456 or 2456?

I am having the exact same issue but there is not quite enough information on this thread to resolve me. I’m using AWS SES email service: email-smtp.us-east-1.amazonaws.com. I get 1 of a few errors:

  1. TLS 587: Connection unsuccessful: Connection unsuccessful: SendMail: Failed to open TLS connection, tls: first record does not look like a TLS handshake
  2. TLS 465: Connection unsuccessful: Connection unsuccessful: SendMail: Error setting “From Address”, 501 Invalid MAIL FROM address provided
  3. TLS 25: hangs, and nothing shows up in the log
  4. STARTTLS 465: times out and then says Connection unsuccessful: Connection unsuccessful: SendMail: Failed to open TLS connection, EOF

What are your SMTP settings set to?

Hi, @djangofan

Let us troubleshoot this based on the information provided in the official SMTP Email Setup:

  • Set SMTP Username to [YOUR_SMTP_USERNAME]
  • Set SMTP Password to [YOUR_SMTP_PASSWORD]
  • Set SMTP Server to email-smtp.us-east-1.amazonaws.com
  • Set SMTP Port to 465
  • Set Connection Security to TLS

With reference to the following error that you are getting:

Let us take a look at your Mattermost email settings. Can you please run the following command on the terminal and provide the result with the sensitive information such as password redacted:

cat /opt/mattermost/config/config.json | grep -A29 "EmailSettings"

Also, are you getting those errors you listed when you click on the Test Connection button based on the combination of SMTP Server Port and Connection Security?

Thank you @ahmaddanial

I finally figured out how to solve it.

  1. My “Route 53” DNS record needed to be re-validated (via the SES settings) so that the corrrect DKIM entries (3 of them) were added to my DNS record. That , in combination with me using a AWS SES validated email was the first half of the trick.
  2. Secondly, I needed to edit /opt/mattermost/config/config.json and add ReplyToAddress , FeedbackEmail, and FeedbackName. values (which my host DigitalOcean forgot to add for me)

Thank you. Happy to have it working.

1 Like

Hi, @djangofan

Excellent. Thank you for sharing the solution you performed on your end!