Synapse cannot send mail to local Postfix server using STARTTLS

[matrixbot]

This issue has been migrated from #14934.

---

Description

When I make Synapse try to send an email (e.g. by adding one to my account in the Element UI), it reports an internal error, with the attached error in the logs (duplicated 5 times, with the Retry: line counting down from 5.

Steps to reproduce

• Attempt to add an email address to user account on homeserver

Homeserver

cirr.com

Synapse Version

1.75.0

Installation Method

Debian packages from packages.matrix.org

Database

PostgreSQL. Single server, no porting, no backups.

Workers

Single process

Platform

Debian 5.10.127-1 VPS

Configuration

No response

Relevant log output

2023-01-29 21:47:03,886 - twisted - 274 - CRITICAL - sentinel - Error during info_callback
Traceback (most recent call last):
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/twisted/protocols/tls.py", line 314, in dataReceived
    self._checkHandshakeStatus()
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/twisted/protocols/tls.py", line 237, in _checkHandshakeStatus
    self._tlsConnection.do_handshake()
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/OpenSSL/SSL.py", line 2074, in do_handshake
    result = _lib.SSL_do_handshake(self._ssl)
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/OpenSSL/SSL.py", line 1336, in wrapper
    callback(Connection._reverse_mapping[ssl], where, return_code)
--- <exception caught here> ---
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/twisted/internet/_sslverify.py", line 1064, in infoCallback
    return wrapped(connection, where, ret)
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/twisted/internet/_sslverify.py", line 1174, in _identityVerifyingInfoCallback
    verifyHostname(connection, self._hostnameASCII)
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/service_identity/pyopenssl.py", line 48, in verify_hostname
    verify_service_identity(
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/service_identity/_common.py", line 48, in verify_service_identity
    matches = _find_matches(cert_patterns, obligatory_ids) + _find_matches(
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/service_identity/_common.py", line 88, in _find_matches
    if sid.verify(cid):
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/service_identity/_common.py", line 284, in verify
    return _hostname_matches(pattern.pattern, self.hostname)
  File "/opt/venvs/matrix-synapse/lib/python3.9/site-packages/service_identity/_common.py", line 398, in _hostname_matches
    actual_head, actual_tail = actual_hostname.split(b".", 1)
builtins.ValueError: not enough values to unpack (expected 2, got 1)

2023-01-29 21:47:03,889 - twisted - 274 - INFO - sentinel - SMTP Client retrying server. Retry: 3

Anything else that would be useful to know?

The target mail server is a Postfix server configured to only accept TLS. I do not have issues sending mail through this server from any other application; I am able to send mail using Thunderbird, and my Nextcloud instance is able to send mail through it.