Cannot send email (via GMail) with Indy. Protocol version mismatch - email

I want to send an email via GMail server.
TRY
SMTP.Connect; // <---- This is TIdSMTP
EXCEPT
Log.AddError('Cannot connect to the email server.');
END;
if SMTP.Connected then
TRY
SMTP.Send(MailMessage);
EXCEPT
on E:Exception DO
begin
Log.AddError('Connected to server but could not send email!');
Log.AddError(E.Message);
end;
END;
if SMTP.Connected
then SMTP.Disconnect;
This piece of code worked in 2014 with Delphi XE.
The program connects to the server ok but in the end it says "SSL is not available on this server":
Resolving hostname smtp.Gmail.com.
Connecting to 74.125.xxx.xxx
Connected.
Connected to SMTP server...
SSL status: "before/connect initialization"
SSL status: "before/connect initialization"
SSL status: "SSLv3 write client hello A"
SSL status: "SSLv3 read server hello A"
SSL status: "SSLv3 read server hello A"
Disconnected.
Connected to server but could not send email!
SSL is not available on this server.
I have the latest version of OpenSSL (downloaded today) and Delphi XE7.
The WireShark says:
Alert (Level: Fatal, Description: Protocol version)
Why I cannot send email?
I have tried all: no TSL, implicit, explicit, startTSL...

SOLUTION: sslvTLSv1 must be included in the SSLIOHandler.SSLVersions property.

Related

KeyCloak fails to send email using SMTP with status 500

I have Keycloak running in a Kubernetes cluster. Authentication works but I need to set up e-mail to be able to send e-mails for verification and password reset.
I have SendGrid set up as an SMTP Relay. These settings (host, port and api key) work when I send mail using the SendGrid java client. However, when pressing Test connection in KeyCloak I get:
[Error] Failed to load resource: the server responded with a status of 500 ()
[Debug] Remove message (services.js, line 14)
[Debug] Added message (services.js, line 15)
[Error] Can't find variable: error
https://<domain>/auth/resources/ong8v/admin/keycloak/js/controllers/realm.js:76 – "Possibly unhandled rejection: {}"
[Debug] Remove message (services.js, line 14)
There isn't much to go on here. I have an e-mail address set up for the currently logged in user. I've also tried resetting the password in case the Test connection functionality was broken but that didn't work either.
The Realm Settings settings user for email are as such:
host: smtp.sendgrid.net
port: 587
from: test#<domain>
Enable StartTLS: true
Username: "apikey"
Password: <api key>
Any idea what can be wrong? Or how to find out? For instance, maybe I can get a more meaningful error message somehow.
Edit:
I got the server logs.
Failed to send email: com.sun.mail.util.MailConnectException: Couldn't connect to host, port: smtp.sendgrid.net, 587; timeout 10000;
nested exception is: java.net.SocketTimeoutException: connect timed out
Edit 2:
I've tried sending mail using Telnet using the exact same settings and that works. So apparently it's something with Keycloak or its underlying Java libraries that's causing issues sending e-mail.
Turns out that Keycloak works and that emails were blocked by the hosting provider.

Getting "Client was not authenticated to send anonymous mail during MAIL FROM" error from Exchange SMTP using Rust lettre library

I am writing a Rust application that will send email through an Exchange server with SMTP functionality enabled. According to Microsoft's webpage, the settings that are required are:
Server address smtp.office365.com
Port 587
StartTLS Enabled
Credentials for mail account login
These are corroborated by the POP/IMAP settings of the webmail service.
Here is my code (with some censoring):
extern crate lettre;
use self::lettre::email::EmailBuilder;
use self::lettre::transport::smtp::{SecurityLevel, SmtpTransportBuilder, SUBMISSION_PORT};
use self::lettre::transport::smtp::authentication::Mechanism;
use self::lettre::transport::EmailTransport;
pub fn send_mail() {
let email = EmailBuilder::new()
.from("my email")
.to("destination email")
.body("testing")
.subject("testing")
.build()
.unwrap();
// Connect to SMTP server
let mut transport = SmtpTransportBuilder::new(("smtp.office365.com", SUBMISSION_PORT))
.expect("Failed to create email transport")
.encrypt()
.smtp_utf8(true)
.credentials("my email", "my password")
.authentication_mechanism(Mechanism::Login)
.build();
println!("Mail transport built");
println!("{:?}", transport.send(email.clone()));
}
When I compile and run the code,it gives me this error:
Err(Permanent(Response { code: Code { severity:
PermanentNegativeCompletion, category: Unspecified3, detail: 0 },
message: ["5.7.57 SMTP; Client was not authenticated to send anonymous
mail during MAIL FROM [SYXPR01CA0106.ausprd01.prod.outlook.com]"] }))
Why is this happening?
The closest I've come in my research is an issue on GitHub in relation to the lettre library not supporting the Login authentication mechanism (which Office 365 uses); however, the codebase was updated to support Login and I am using the master branch directly from GitHub so theoretically my application should support the Login mechanism.
Edit: Forgot to mention that I attempted an EHLO to the server, but it returned a (Client:(Connection closed)) error.
I used telnet and openssl to try connecting directly to my SMTP server, where I found that AUTH LOGIN requires 3 commands; one to send the AUTH LOGIN code, one to send the username and another to send the password. I found that the lettre library implements all its AUTH commands as single commands, so this wasn't working with the server. I downloaded the source code for the library, changed the send function to do the three separate commands, recompiled my code and everything worked fine :)
My addition to the lettre code:
if (accepted_mechanisms[0] == Mechanism::Login) &&
(accepted_mechanisms.capacity() == 1) {
try_smtp!(self.client.command("AUTH LOGIN"), self);
try_smtp!(self.client.command(base64::encode_config(
&username.as_bytes(),
base64::STANDARD).as_str()), self);
try_smtp!(self.client.command(base64::encode_config(
&password.as_bytes(),
base64::STANDARD).as_str()), self);

Can't get Zabbix to email alerts

I've recently spun up a new Zabbix 3.0 instance on Ubuntu 16.04 using Php 7.0 and I am running into a lot of issues trying to get it to e-mail the Zabbix administrators. We are trying to use Amazon SES to send out the e-mails. For our setup, we have a usename & password that was generated by SES we are using port 587 with SSL/TLS connection. I've made sure that the alert is enabled and that the E-mail media type was enabled as well. I've also double checked the Zabbix is compiled with SMTP & TLS support. I've also verified that the Zabbix server can get to the Amazon SMTP endpoint on port 587. From the messages it seems to be some form of a communication issue, but everything I've tried isn't really getting me anywhere.
SSL connect error: Encountered end of file
26163:20170515:131115.744 * NSS error -5938 (PR_END_OF_FILE_ERROR)
26163:20170515:131115.744 * Encountered end of file
26163:20170515:131115.744 * Closing connection 0
26163:20170515:131115.744 SSL connect error: Encountered end of file
26163:20170515:131115.744 End of send_email():FAIL
26163:20170515:131115.744 End of execute_action():FAIL
26163:20170515:131115.744 error sending alert ID [812]
26163:20170515:131115.744 query without transaction detected
26163:20170515:131115.744 query [txnlev:0] [update alerts set
retries=1,error='SSL connect error: Encountered end of file' where
alertid=812]
26163:20170515:131115.746 In execute_action(): alertid [813] mediatype [0]
26163:20170515:131115.746 In send_email() smtp_server:'email-smtp.us-east-
1.amazonaws.com' smtp_port:587 smtp_security:2 smtp_authentication:1
26163:20170515:131115.750 * Trying 54.235.77.145...
26163:20170515:131115.752 * Connected to email-smtp.us-east-1.amazonaws.com
(54.235.77.145) port 587 (#0)
26163:20170515:131115.752 * WARNING: failed to load NSS PEM library
libnsspem.so. Using OpenSSL PEM certificates will not work.
26166:20170515:131115.761 __zbx_zbx_setproctitle() title:'http poller #1
[got 0 values in 0.000736 sec, getting values]'
26166:20170515:131115.761 In process_httptests()
26166:20170515:131115.761 query [txnlev:0] [select h.hostid,h.host,h.name,t.httptestid,t.name,t.variables,t.headers,t.agent,t.authentication,t.http_user,t.http_password,t.http_proxy,t.retries,t.ssl_cert_file,t.ssl_key_file,t.ssl_key_password,t.verify_peer,t.verify_host from httptest t,hosts h where t.hostid=h.hostid and t.nextcheck<=1494868275 and mod(t.httptestid,1)=0 and t.status=0 and h.proxy_hostid is null and h.status=0 and (h.maintenance_status=0 or h.maintenance_type=0)]
26166:20170515:131115.762 End of process_httptests()
26166:20170515:131115.762 query [txnlev:0] [select min(t.nextcheck) from httptest t,hosts h where t.hostid=h.hostid and mod(t.httptestid,1)=0 and t.status=0 and h.proxy_hostid is null and h.status=0 and (h.maintenance_status=0 or h.maintenance_type=0)]
26166:20170515:131115.762 No httptests to process in get_minnextcheck.
Just for reference, I do have Zabbix running off of HTTPS. To get that configured I just made a change to the Apache sites-enabled default file to point to the certificate on the local machine. They are signed certificates. I had also installed the most recent openssl package
Has anyone ran into this issue before or know of what might be happening?
Any help would be appreciated!
Thanks :)
587 is STARTTLS, use 465 for SSL/TSL (don't forget to configure security group):
You may have problems with email/email domain verification. Be sure that's OK.

Connecting to Gmail SMTP via socket returns different responses per server

I am trying to understand why opening a socket to Gmail's server via SSL provides different responses for different servers. This is stopping me from connecting to Gmail for sending out emails.
Below is a very simple script:
<?php
$smtp_connect = fsockopen('ssl://smtp.googlemail.com', 465,
$errno,
$errstr,
300);
var_dump(fgets($smtp_connect, 512));
?>
On server 1 [no ssl cert installed], the output of the above code is: string(57) "220 smtp.googlemail.com ESMTP s89sm726209qkl.44 - gsmtp
"
On server 2 [ssl cert installed], the output of the above code is: string(71) "220-mycompany.pro.com ESMTP Exim 4.87 #1 Wed, 26 Oct 2016 07:42:49 -0400
"
Can anyone explain why this happens, and how can I make server 2 have the same behavior as server 1?
Update: I have also tried smtp.gmail.com, the output is same as using smtp.googlemail.com.
The line you get the the SMTP welcome message. It is perfectly normal that different servers give a different welcome message. It is even normal that the response to commands you send is different. This means that when communicating with an SMTP server you should not assume fixed strings as response but implement proper parsing of SMTP. See the SMTP standard (RFC 2821) for details about this protocol.

SwiftMailer connection established error

I have problem with sending mails. I using SwiftMailer 5.1.0 and account on gmail, smtp port 465 and openssl is enable, but I have this error:
Serwer: smtp.gmail.com:465 ssl
From: BizIn - system mailowy <isystemnew.pcet#gmail.com>
To: test7771#test.pl
Mail debug: Connection could not be established with host smtp.gmail.com [ #0]
At my localhost everything is okey and mails are send. But on serwer I have error.
Localhost using PHP in version 5.4.31, but at server is 5.6.0.
The fix here solved it for me: https://github.com/swiftmailer/swiftmailer/issues/544
#if-joerch
if-joerch commented on Nov 3, 2014
If you are using PHP 5.6, the error does occur because of the "SSL
context options" used for the stream context in swiftmailer. IN PHP
5.6 verify_peer and verify_peer_name the default was set to TRUE, so PHP checks the SSL certificate. It is currently not possible to
disable it in swiftmailer using some options.
You could disable the SSL check by modifying the function
"_establishSocketConnection" in StreamBuffer.php. Add these lines
before stream_socket_client command:
$options['ssl']['verify_peer'] = FALSE;
$options['ssl']['verify_peer_name'] = FALSE;
It would be great if these options could be set without hacking the
code.