Is there an option to use STARTTLS in workflow STMP communications?
Question
Question
Workflow Email Configurator - STARTTLS available as an option?
Answer
Workflow 10.4.3 uses TLS 1.2 by default. Workflow 10.4.2 and below don't unless you set the .NET Framework and WinHTTP TLS reg keys. That would also be a relevant difference between Forms (which is working) and Workflow (which is not).
Upgrade Workflow to 10.4.3 and see if that fixes the problem.
For SMTP Inbound mail flow, after deprecation of TLS 1.0 and 1.1, we will accept only TLS 1.2 connection. However, we will continue accepting SMTP Connection which is unencrypted without any TLS. Although we do not recommend email transmission without any encryption.
Replies
Yes, Workflow can use SSL connections to the mail server. Check the "use SSL" box in the mail server properties.
There is another commend which an app can issue when contacting a SMTP server called STARTTLS (It is not a protocol but a way to ensure the correct protocol is used). While troubleshooting an error returns from Microsoft, Unable to read data from the transport connection: net_io_connectionclosed, IT is asking if the STARTTLS command can be used.
Yes, we're aware. I've configured Workflow and Forms to use STARTTLS endpoints many times.
I'm guessing your configuration is set to use port 465. Try changing it to 587.
General background: https://www.fastmail.help/hc/en-us/articles/360058753834-SSL-TLS-and-STARTTLS
Ok, this one is already on port 587 and recently broke so I have a feeling Microsoft is doing something new again (they seem to be at the forefront of SMTP complexity).
I just needed to see if Workflow uses STARTTLS for now so I can get back to IT.
The odd thing is, they have both Forms and Workflow running on the same OS, both are configured exactly the same with the SSL checkbox, port 587, and User/Pass auth.
Forms is allows to send emails and workflow is not. But it was working at once time, so most likely a Microsoft change.
Are you trying to connect to Office 365/Exchange Online SMTP?
Yup, its the good old smtp.office365.com server.
Okay, thanks for confirming.
Are you on Workflow 10.4.3 or higher?
You could also try port 25 with SSL checked in Workflow as Microsoft suggests here for Option 1:
It is version 10.4.2
I tried port 25 with SSL but got the same error.
Does 10.4.3 have a different config option?
Can you give us the full stack trace from the logs?
WF uses System.Net.Mail which always sends a STARTTLS command when SSL is used.
Workflow 10.4.3 uses TLS 1.2 by default. Workflow 10.4.2 and below don't unless you set the .NET Framework and WinHTTP TLS reg keys. That would also be a relevant difference between Forms (which is working) and Workflow (which is not).
Upgrade Workflow to 10.4.3 and see if that fixes the problem.
For SMTP Inbound mail flow, after deprecation of TLS 1.0 and 1.1, we will accept only TLS 1.2 connection. However, we will continue accepting SMTP Connection which is unencrypted without any TLS. Although we do not recommend email transmission without any encryption.
Ok will do.
That did the trick thanks! Keep running into issues with TLS version mis-matching but I always get thrown off by the error messages.