Elmah sending error mails with Sendgrid API Keys - sendgrid

Normally I use the SMTP settings in my web.config file with UN/PW to my Sendgrid account to send elmah error emails. But, with two factor authentication I don't believe sendgrid allows sending emails with basic authentication. Does, anyone know if there is a way to use the API key to authenticate the Elmah error emails?
<elmah>
<errorLog type="Elmah.SqlErrorLog, Elmah" connectionStringName="DefaultConnection" />
<errorMail from="error#domain.com" to="email#gmail.com" subject="Exception (test)" smtpServer="smtp.sendgrid.net" smtpPort="587" userName="username" password="password" async="true" />
<security allowRemoteAccess="true" />
</elmah>
Thank you!

SendGrid doesn't offer auth through basic authentication when two-factor is enabled. From their documentation:
SendGrid no longer accepts Basic authentication (username and password) for API calls when two-factor authentication is enabled for a user. You can now only use two-factor authentication if you are authenticating with an API key. For more information, see Authentication.
I believe you might have a chance to get this working, though. Try setting the username in config to apikey and password to an API key you generate through SendGrid. Possible solution found here: https://sendgrid.com/docs/API_Reference/SMTP_API/integrating_with_the_smtp_api.html

Related

Sendgrid setup on SQL Database Mail

I have been trying to setup sendgrid on SQL Database Mail but all the time it says Cannot send mail to mail server.
This is what i have done.
I have sendgrid accound with abc#mydomain.com and created api key and SG.xxxx password.
As this is prod setup instance, i had done domain level authentication and my webmaster updated CNAME as requested by sendgrid.
Tested using TELNET smtp.sendgrid.net 587 and authenticated with SG.xxxx password Base64 encoded and this was able to send email from abc#mydomain.com to xyz#mydomain.com
I setup profile with abc#mydomoain.com as SQL notification Profile and selected Basic Authentication and provided 'apikey' as username and 'SG.xxx' as password in Database Mail - 'Configure Database Mail' option in SQL SSMS. Unchecked - 'The server requires secure authentication (SSL) connection' Port 587
I tried to 'Send Test Mail' with 'abc#domain.com' to 'xyz#mydomain.com' but the Database Mail reflects as below screenshot error
I have tried using abc#mydomain.com and sendgrid account password in Database Mail Config wizard for Basic authentication, but sendgrid suggested they don't accept Basic authentication. Please help how and where should i pass the api key if not under Basic Authentication ?
I tried updating with msdb.dbo.sysmail_add_account_sp nad updating records but it too didn't resolve and send email from Database mail.
Any help/ guidance would be greatly appreciated or if you had faced this how have you resolved it.
Hi the solution is as follows
Create a dbmail profile
server name: smtp.sendgrid.net
port : 25
SMTP Authentication
Basic Auth
User name: apikey
Password: : {the api-key for your sendgrid account}
Thats it. Send a test email.
If it still doesn't work, if you are on AWS EC2 ensure that security group allows outbound port:25
Here is the link from sendgrid about apikey authentication.
https://docs.sendgrid.com/for-developers/sending-email/upgrade-your-authentication-method-to-api-keys

Kentico not sending admin user password reset

Within the Kentico admin, when I go to a User and click the Generate New Password button, the email always fails with error message:
The SMTP server requires a secure connection or the client was not >authenticated. The server response was: 5.7.0 Authentication required
I have two (2) Kentico sites, running Kentico 11. Both sites have identical SMTP settings, using the same mail server, same email, same authentication, etc. On one server, the generate password emails works. I repeat, it works. On the other I get the error.
Test emails that I send from both sites' admin work fine. Have tried sending from the Email queue AND the System applications in the admin. Both areas on both sites work just fine, so my SMTP settings are correct.
I have tried adding to following to the appSettings:
<add key="CMSLogEmails" value="true"/>
<add key="CMSDebugEmails" value="true"/>
But nothing helpful shows up in the Event log. Even without those, nothing shows up in Event log.
Be sure to set your emails addresses in the Settings app for sending password resets. Some SMTP providers require you to have a valid "from" email address.

SwiftMailer not send mail with Google App account

I'm using Symfony and I'm trying to send an email with swiftmailer. I have an account set up with google app (produccion#mydomain.com) and when I try to send shows me the following error:
Failed to authenticate on SMTP server with username
"produccion#mydomain.com" using 2 possible authenticators
I tried it with my personal gmail account and send the message correctly with the same settings. Just change the username and password.
# Swiftmailer Configuration
swiftmailer:
transport: smtp
host: smtp.gmail.com
username: produccion#mydomain.com #email#gmail.com
password: google_app_password #gmail_password
auth_mode: login
port: 587
encryption: tls
I've been searching the internet and I've found this page from Google, where I can change the access to less secure applications.
https://www.google.com/settings/security/lesssecureapps
In my gmail account this option is active, but if I turn shows me the same error when sending email.
I've been trying to change this setting in google app account but it tells me that this option is not available for google app.
Any idea to send emails from this account by google app? I have to set something else?
EDIT
It seems Gmail prefers OAuth, Swiftmailer supports this authentication mech but its not really documented.
https://developers.google.com/gmail/xoauth2_protocol
https://github.com/swiftmailer/swiftmailer/blob/5.x/lib/classes/Swift/Transport/Esmtp/Auth/XOAuth2Authenticator.php
Any idea how I use it in Symfony?
Have you tried setting the transport parameter to gmail as mentioned in the cookbook? http://symfony.com/doc/current/cookbook/email/gmail.html
# Swiftmailer Configuration
swiftmailer:
transport: gmail
username: your_gmail_username
password: your_gmail_password

How to sign-in to ADFS WIF federation AND Form auth on the same page with login (user/password) text-boxes?

How to sign-in to ADFS WIF federation AND Form auth on the same page with login (user/password) text-boxes?
Now I can use a link to redirect to adfs login with a prompt box to input domain user name and password.
Can I use the same (user/password) text-boxes as form auth? So I don't wanna use the prompt box?
ps: another question, how can i do to pass auth automatically when i login in the domain of which supplies the adfs without inputting(SSO) User and Pass?
Thanks!
ADFS supports several ways of accepting user's credentials. The one with "prompt box" is most likely integrated or basic authentication. It is configurable on ADFS side:
http://social.technet.microsoft.com/wiki/contents/articles/1600.ad-fs-2-0-how-to-change-the-local-authentication-type.aspx
If you need to configure forms authentication as a preferred option change in ADFS Web agent web.config order of local authentication types. Set Forms as a the first:
<microsoft.identityServer.web>
<localAuthenticationTypes>
<add name="Forms" page="FormsSignIn.aspx" />
<add name="Integrated" page="auth/integrated/" />
<add name="TlsClient" page="auth/sslclient/" />
<add name="Basic" page="auth/basic/" />
</localAuthenticationTypes>
Regarding the SSO, problem. It depends on browser:
in IE you need to add ADFS URL to Trusted Sites or/and make sure that Trusted Sites zone in IE allows to send windows credentials.
See: http://docs.acl.com/ax/310/index.jsp?topic=/com.acl.ax.admin.help/system_administration/t_configuring_internet_explorer_for_integrated_windows_authentication.html
Chrome assumes that any page that contains '.' - dots in address is not secure enough to provide SSO, so probably you'll need to set up a dotless alias for your ADFS host.
in Firefox you need to add ADFS URL network.automatic-ntlm-auth.trusted-uris
See: http://sivel.net/2007/05/firefox-ntlm-sso/

ServiceStack 401 authentication prompt in browser

I'm using ServiceStack 3.9.70 on IIS8 - when POSTing invalid user creds to the default authentication provider service at "auth/credentials" a "401 unauthorized" response is returned as expected along with the browser (both chrome and firefox) prompting for "Authentication Required".
This is all in the context of an angularjs app and I'm handling the 401 response accordingly however the browser prompt is quite annoying and I want it gone. How can I prevent the browser from prompting for credentials when a 401 response is returned from my ServiceStack authentication service?
Thanks!
Sometimes a good night sleep makes all the difference. I solved this by simply disabling basic authentication. I made an entry in my web.config but the same change can be made directly in IIS under the site's "Authentication" feature. Now the 401 response can be handled accordingly by my angular app without the browser throwing a prompt.
<system.webServer>
<security>
<authentication>
<basicAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
i think the 401 response is appropriate for standard http status code protocol , similar to the 403 Forbidden response.
if you want to avoid the credential handshake and save bandwidth you can include in the HEAD request on the same resource at each RESTful request you sending.