SSL unknown error after upgrading to 2023.6

i have an automation that sends an e-mail via secure SMTP that was working until i upgraded to 2023.6 (from 2022.12)…now, that e-mail is failing with an unknown SSL error. can anyone assist? i’ve asked multiple times on discord with no response…

here is a pastebin of the error:

Maybe read back all the breaking changes from 2022.12 to 2023.6?
Doesn’t ring a bell, and I imagine you already searched the forum for a similar issue.

i’ve been searching for days. did that before even asking on discord or posting here.

i confess i haven’t read through all the breaking changes, but i can’t imagine there’s a breaking change that would have taken out secure SMTP…and looking at the docs, it doesn’t look like anything has changed from how i have it set up.

notify:
  - name: "hass_email"
    platform: smtp
    sender: "xxx"
    sender_name: "xxx"
    recipient: "xxx"
    server: "xxx"
    username: "xxx"
    password: "xxx"
    port: 465
    encryption: "tls"

Don’t know if this will be helpful, but I had an SSL issue with IMAP and opened this issue, albeit the error message was different:

The upshot was that recent versions of python do not by default negotiate ‘less secure’ cipher suites and need to be told to do so.

The code was eventually changed to add an option of which set of suites to choose from which resolved my issue.

I suggest opening an issue on GitHub and referencing both mine and the REST client options of cipher suite selection as described in Add ssl_cipher_list option to rest by mib1185 · Pull Request #91078 · home-assistant/core · GitHub

It might be the same issue, so hopefully quickly remedied.

1 Like

I usually use port 587 in starttls, as it should, but tested smtps on 465 on my own smtp server and it works fine for me on 2023.6.2.

- platform: smtp
  name: smtp
  sender: <my sender>
  recipient: <my recipient>
  server: <my server>
  username: !secret smtp_user
  password: !secret smtp_password
  debug: true
  sender_name: Home Assistant
  port: 465
  encryption: "tls"

Who is you smtp provider?
Maybe try 587/starttls

fastmail…i’ll give 587 a shot.

edit: no luck. same error.

Mmm… It shouldn’t, because with encryption “starttls”, the python code executed will be different…

Looks like an issue when verifying the certificate, if you google the (_ssl.c:1002) bit. Have you tried adding

verify_ssl : false

to see if that resolves it?

If it does, be careful that it would be a workaround, not a solution.
Or Fastmail has a certificate issue (unlikely), or there is something fishy happening (Man-in-the-middle attacks).

Use another SMTP?

i have tried that (as @koying suggested). it doesn’t…i still have the same error.

again, this worked perfectly until i upgraded from 2022.12.x to 2023.6.x, so it seems as if something has changed between those versions…but secure SMTP is such a core feature that i can’t imagine this being something that was a breaking change.

that doesn’t really help me. there’s no reason it shouldn’t work with my valid SMTP server. it worked fine until i upgraded to 2023.6.

absolutely, that makes sense…but it doesn’t resolve it for me. i still see the same error.

@crackers8199 If you DM me your actual config with u/p (I don’t want to create a fastmail account), I can try it from my side. That will tell us if the issue is related to fastmail or something in your infrastructure.

I can create a test account on my smtp in return.

i tried setting up a new notifier with my gmail account, and now neither one is working. this is in the logs now on startup (twice, once for each notify):

2023-06-26 12:02:38.129 ERROR (MainThread) [homeassistant.components.notify] Error setting up platform smtp
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/components/notify/legacy.py", line 93, in async_setup_platform
    notify_service = await hass.async_add_executor_job(
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/concurrent/futures/thread.py", line 58, in run
    result = self.fn(*self.args, **self.kwargs)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 100, in get_service
    if mail_service.connection_is_valid():
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 162, in connection_is_valid
    server = self.connect()
             ^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 141, in connect
    mail = smtplib.SMTP_SSL(
           ^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/smtplib.py", line 1050, in __init__
    SMTP.__init__(self, host, port, local_hostname, timeout,
  File "/usr/local/lib/python3.11/smtplib.py", line 255, in __init__
    (code, msg) = self.connect(host, port)
                  ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/smtplib.py", line 341, in connect
    self.sock = self._get_socket(host, port, self.timeout)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/smtplib.py", line 1057, in _get_socket
    new_socket = self.context.wrap_socket(new_socket,
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/ssl.py", line 517, in wrap_socket
    return self.sslsocket_class._create(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/ssl.py", line 1075, in _create
    self.do_handshake()
  File "/usr/local/lib/python3.11/ssl.py", line 1346, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1002)

now i have no notify options available in services. previously at least the original one was still there, even though it didn’t work…but now that one has disappeared too.

i don’t know what could have changed on my end that would suddenly have caused this to stop working. i didn’t do anything other than upgrade the docker container from 2022.12.6 to 2023.6.1. there are no other changes that were made on my server or on my network.

edit: i take that back, i was able to get gmail working. had to change the encryption to starttls, but now it works.

that being said, i still have no idea what is causing fastmail to suddenly not work after working flawlessly for literally years.

Hmm gmail, I don’t know if it is working right now? I’ve migrated from gmail to outlook smtp because of problems with gmail.

Did you set your account settings the right way?

gmail is what i have working right now. it’s my original notify using my fastmail account that suddenly stopped working after being flawless for literally years.

the other problem here with using gmail is that apparently messages to tmobile phone numbers (email to sms) are blocked from most gmail accounts with no reliable way to fix it. part of my automation was sending texts to my phone by sending them to [email protected]. details here:

as such, i’d really love to get fastmail back up and running but i still have no idea why that suddenly stopped working.

FWIW, I took the plunge and had exactly zero issue

  - platform: smtp
    name: fastmail
    sender: [email protected]
    recipient: [email protected]
    server: smtp.fastmail.com
    username: [email protected]
    password: <app_password>
    debug: true
    sender_name: Home Assistant Test
    port: 465
    encryption: "tls"

I’m using a “Container” HA installation.

so am I. very strange. and frustrating.