How to fix ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)?

喜欢而已 提交于 2020-05-30 08:42:09

问题


I am trying to send an email with python, but it keeps saying ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056). Here is my code:

server = smtplib.SMTP_SSL('smtp.mail.com', 587)
server.login("something0@mail.com", "password")
server.sendmail(
"something0@mail.com", 
"something@mail.com", 
"email text")
server.quit()

Do you know what is wrong?


回答1:


That usually happens when the client doesn't understand the ServerHello message that is supposed to come from the server. Typical usecases:

  1. Server responds using a protocol version that's not understood by client (either too new or too old)
  2. Server responds with complete garbage data (that's a sign that it's not using encryption)

I played a bit with openssl's arguments (I didn't paste all my attempts in the snippet below), and got various errors. Apparently, it's #2.: smtp.mail.com doesn't use enctyption.

[cfati@cfati-ubtu16x64-0:~]> ~/sopr.sh
*** Set shorter prompt to better fit when pasted in StackOverflow (or other) pages ***

[064bit-prompt]> python3 -c "import ssl, smtplib;print(ssl.OPENSSL_VERSION);smtplib.SMTP_SSL(\"smtp.mail.com\", 587)" 2>&1 | grep rror
ssl.SSLError: [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:645)
[064bit-prompt]>
[064bit-prompt]> openssl s_client -connect smtp.mail.com:587
CONNECTED(00000003)
140043409938072:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1567195256
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
[064bit-prompt]>
[064bit-prompt]> python3 -c "import smtplib;smtplib.SMTP(\"smtp.mail.com\", 587);print(\"Done.\")"
Done.

Ways to get rid of the error:

  • Move away from this server to (a decent) one that does use encryption (I'm not an expert in this area, so I can't provide one)
  • Connect to the server without SSL, using [Python 3.Docs]: class smtplib.SMTP(host='', port=0, local_hostname=None, [timeout, ]source_address=None). But, beware of all the security risks! (data (including passwords) sent in clear text (as @tedvm noticed)). There are lots of URLs (e.g. [Norton.US]: What is encryption and how does it protect your data?) explaining why you shouldn't do this



回答2:


The port for SSL is 465 and not 587, however when I used SSL the mail arrived to the junk mail.

For me the thing that worked was to use TLS over regular STMP instead of STMP_SSL.

Note that this is a secure method as TLS is also a cryptographic protocol (not unlike SSL).

import smtplib, ssl

port = 587  # For starttls
smtp_server = "smtp.gmail.com"
sender_email = "my@gmail.com"
receiver_email = "your@gmail.com"
password = input("Type your password and press enter:")
message = """\
Subject: Hi there

This message is sent from Python."""

context = ssl.create_default_context()
with smtplib.SMTP(smtp_server, port) as server:
    server.ehlo()  # Can be omitted
    server.starttls(context=context)
    server.ehlo()  # Can be omitted
    server.login(sender_email, password)
    server.sendmail(sender_email, receiver_email, message)

provided thanks to the real python tutorial



来源:https://stackoverflow.com/questions/57715289/how-to-fix-ssl-sslerror-ssl-wrong-version-number-wrong-version-number-ssl

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!