Vaultwarden Office365 SMTP Relay Configuration

I am facing issues when attempting to utilise Office365’s SMTP relay with Vaultwarden.

My configuration is as below:

  "_enable_smtp": true,
  "use_sendmail": false,
  "smtp_host": "",
  "smtp_security": "force_tls",
  "smtp_port": 587,
  "smtp_from": "***@***.com",
  "smtp_from_name": "Vaultwarden",
  "smtp_username": "***@***.com",
  "smtp_password": "*******",
  "smtp_auth_mechanism": "Login",
  "smtp_timeout": 15,
  "smtp_embed_images": true,
  "smtp_accept_invalid_certs": true,
  "smtp_accept_invalid_hostnames": true,
  "_enable_email_2fa": false,
  "email_token_size": 6,
  "email_expiration_time": 600,
  "email_attempts_limit": 3

When attempting to send a test mail, I get the following error message:

Error sending SMTP test email
SMTP error: Connection error: Connection error: error:0A00010B:SSL routines:ssl3_get_record:wrong version number: …/ssl/record/ssl3_record.c:354:

Any support in resolving this to get mail sending successfully would be greatly appreciated.

Many thanks.

You need to use starttls instead of force_tls

Thanks for the feedback. However, using starttls as opposed to force_tls results in the error message:

Error sending SMTP test email

This results in the email not even being attempted to be sent at all, so it is not the solution.

Any further advice?

Check the logs.
Also see

Enabling debugging was very helpful, thank you.

It was 2FA being dumb after changing to starttls

Thanks for your help.