We've been running a new system in test for a while now and creating emails to a folder so they don't accidentally go out to clients. Now we've turned on live emailing we are getting issues with sending.
I'm using ActionMailer.NET and the code to create and send the email is below. I won't include the View:
EmailResult x = new EmailController().EmailWorkOrderForApprovalToClient(model);
System.Net.Mail.Attachment file = new System.Net.Mail.Attachment(FilePath);
x.Mail.Attachments.Add(file);
x.Deliver();
Which gives the error
The SMTP server requires a secure connection or the client was not
authenticated. The server response was: 5.7.57 SMTP; Client was not
authenticated to send anonymous mail during MAIL FROM
The web.config looks like this:
<system.net>
<mailSettings>
<smtp deliveryMethod="Network" from="ClientServices#topupconsultants.com">
<specifiedPickupDirectory pickupDirectoryLocation="" />
<network defaultCredentials="false" host="smtp.office365.com" password="secret" port="587" userName="ClientServices#myco.com" />
</smtp>
</mailSettings>
My assumption is that enableSsl="true" needs to be added to the network line, but when I do that and try to go to the SMTP Email section of the site in IIS, I get the error:
Unrecognized attribute 'enableSsl'
I'm not that hot on IIS, but I've checked that the Application Pool and its .NET CLR version is 4.0.30319. I've also checked that .NET v4.5 is installed on the server.
This is baffling me, and I'm hoping I don't have to totally change my code to a method that allows me to specify SSL at that point.
Answering my own question here, and basically the answer is: "Don't believe the error message". In all the configurations I tried, I believed the error message when it told me that is was unacceptable. However, I tried it anyway, and it uses the enableSsl attribute when it sends, and this allows the connection to Office 365 to succeed.
Slightly irritating IIS bug that I'll forget about in a week, but right now is very annoying.
This is issue on IIS no need to worry about this error message
SmtpClient object enableSsl value get mapped
this silly issue is wasted my much time :D
Related
Trying to sign an OutlookAdd-In with a GoDaddy certificate using http://tsa.starfieldtech.com as the Timestamp server, but was getting "signing parameter is incorrect". Now getting "An error occurred while signing: Timestamp URL server name or address could not be resolved." I successfully utilized http://timestamp.comodoca.com/authenticode in order to get it out to users but am not completely comfortable using a new URL. Are others experiencing this issue?
Thanks!
Here's my 2ยข:
As of a couple of days ago, GoDaddy withdrew from the code signing certificate (CSC) business. GoDaddy have told me they will honor my certificate till its expiry, which is 2023.
GoDaddy tech support tell me that starfieldtech.com, GoDaddy's recommended TSA (Time Stamp Authority) server, no longer recognizes GoDaddy CSCs. Using MS SDK signtool.exe, I have tried the following alternatives, all of which fail with the error "The specified timestamp server either could not be reached or returned an invalid response.":
http://tsa.starfieldtech.com/
http://timestamp.digicert.com?alg=sha1
http://timestamp.globalsign.com/scripts/timstamp.dll
http://www.startssl.com/timestamp
http://rfc3161timestamp.globalsign.com/advanced
https://timestamp.geotrust.com/tsa
http://tsa.startssl.com/rfc3161
http://www.trustcenter.de/codesigning/timestamp
http://freetsa.org/tsr/
http://freetsa.org
https://freetsa.org
The only one that still works is:
http://timestamp.comodoca.com/authenticode
I'm skeptical that TSA server is sufficient, I think the problem goes deeper than that.
I have also reviewed https://gist.github.com/Manouchehri/fd754e402d98430243455713efada710.
Does anyone know of other reputable TSAs that work?
I'd rather not have to prematurely replace my expensive CSC.
It's dead.
Browser shows Server not found.
Name resolution fails:
nslookup tsa.starfieldtech.com
...
can't find tsa.starfieldtech.com.: Non-existent domain
I've backup of ondemand instance for sugarcrm version 8.0.0 Enterprise Edition
It works normal for CRUD records and other stuff, but when I try to upload module via Zip it gives me following error
Cross Site Request Forgery (XSRF) Attack Detected
Form authentication failure (Administration -> UpgradeWizard). Contact your administrator.
I've tried following article
Troubleshooting Cross-Site Forgery Messages
But the problem still persists. The problem only occurs for BWC modules IMO.
EDIT: Before trying this work-around, check if you have the HTTP referer header disabled in your web browser, as that might be the reason for having the described problem in the first place.
If this is a local test/dev-instance you might want to add
['csrf']['soft_fail_form'] = true,
to your $sugar_config in config.php or config_override.php. That should cause the error to be logged only instead of aborting the action.
Note: This works on Sugar 7.9. I have yet to test it on 8.0.
Source: https://community.sugarcrm.com/community/developer/blog/2017/10/11/upcoming-security-changes-to-sugar
Add this lines in your config_override.php file
$sugar_config['http_referer']['list'][] = 'http://CHANGE_TO_YOUR_LOCAL_URL/';
$sugar_config['csrf']['soft_fail_form'] = true;
I am a newbie to Hybris and I got a task to configure mail service in the application.
The code for the mail is already written but still the mail is not working.
I tried to configure it and the smtp configuration is fine. I am using SMTP configuration of Google.
However, when I execute the process, it breaks at the very first node quoting :
Something Went Wrong
I am using the following link :
http://flexblog.faratasystems.com/index.php/ecommerce-with-hybris-sending-emails/
<process xmlns="http://www.hybris.de/xsd/processdefinition"
start="generateOneMillionPurchaseEmail"
name="oneMillionPurchaseProcess"
processClass="com.project.model.OneMillionPurchaseProcessModel"
onError="error">
<action id="generateOneMillionPurchaseEmail" bean="generateOneMillionPurchaseEmail">
<transition name="OK" to="sendEmail"/>
<transition name="NOK" to="error"/>
</action>
This is the very first node : generateOneMillionPurchaseEmail
but when I execute it, its not working.
Can anyone suggest anything on how to get it done ?
First guess without any logs:
get fakeSMTP (https://nilhcem.github.io/FakeSMTP/) and try to it as a local service by setting the value
mail.smtp.server=127.0.0.1
As google requires a authentication to use there SMTP Service, a local version without any authentication would be a good first test.
This problem seems to exist on a specific server. All other servers are working ok.
Background: The website is basically Forms Auth but there's an asmx that manually requires Basic Auth.
I have two C# client.
When invoking using SOAP (asmx client proxy) with basic auth credentials - all is well.
When invoking using WebClient or WebRequest with the same basic auth credentials, I get 401.5.
The folders have "Everyone" set to them.
When setting up iis trace, I see a very weird behavior. The request arrives with the correct Basic auth header. But further down the trace I see the following:
GENERAL_REQUEST_HEADERS
Headers="Connection: Keep-Alive
Content-Length: 68
Content-Type: application/json
Authorization: Kerberos
Expect: 100-continue
Host: 1.2.3.4
The Kerberos seems very weird. It is as if the request headers changed throughout the process, and perhaps that explains the 401.5.
Again, I would like to stress out that on other servers there's no problem with both clients. The only difference I can think of is that the problematic server is a DC. But if that is a problem then why is the SOAP client working well?
Any ideas?
Progress!
After some debugging I noticed that Application_AuthenticateRequest was fired twice for every request. The first time with Basic auth as I expected and the second time with the Kerberos!
After googling I found this:
http://forums.asp.net/t/1868629.aspx?HttpModule+triggered+two+times+for+request+to+URL+without+default+document
Seems like for extensionless urls those events might fire multiple times, depending on the configured Extensionless urls.
Going back to the trace I noticed that in the non-working server the trace shows usage of ExtensionlessUrl-ISAPI-4.0_64bit, and in the working servers no such entry existed. After comparing the two IIS I noticed that the non-working IIS had ExtensionlessUrl-ISAPI-4.0_64bit configured whereas in the working IIS there was ExtensionlessUrl**Handler**-ISAPI-4.0_64bit (note the "handler"). I compared the dlls involved and the working server had a newer aspnet_isapi.dll. I assume that this is an updated extensionless url handler. I suppose an upgrade to IIS or .NET might install a later version, but for now I tried to remove the ExtensionlessUrl-ISAPI-4.0_xxbit like so:
<remove name="ExtensionlessUrl-ISAPI-4.0_32bit" />
<remove name="ExtensionlessUrl-ISAPI-4.0_64bit" />
And it worked! Now there is only a single Application_AuthenticateRequest.
The non-working version that had this in the trace:
OldHandlerName="", NewHandlerName="ExtensionlessUrl-ISAPI-4.0_64bit", NewHandlerModules="IsapiModule", NewHandlerScriptProcessor="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll", NewHandlerType=""
Now changed to:
OldHandlerName="", NewHandlerName="WebServiceHandlerFactory-ISAPI-4.0_64bit", NewHandlerModules="IsapiModule", NewHandlerScriptProcessor="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll", NewHandlerType=""
Hopefully that's the end of it. Additional testing still required.
I would appreciate if someone can write how to upgrade IIS dlls to a later version. Is this an upgrade to .NET or is there a specific KB update that is downloaded with Windows Update?
I am using SQL Server CE 4.0 with WebApi on Windows Azure Websites. I have been successfully able to deploy SQL Server CE. The weird problem I am facing is that my site is able to log me in using the same DB but I am not able to use any of the controllers to fetch the data.
I am using same connection string for both. The only difference is that for logging in I am using WebSecurity as I have enabled OAuth on the site.
Can someone throw some light on how to debug and fix this issue? The error I am getting for the calls is
Format of the initialization string does not conform to specification
starting at index 0.
However the same string works for authentication, change password, adding OAuth connections etc.
Thanks in advance
I connected to the site using FTP. I was not giving the site name as domain name and it was denying me access earlier. On connecting, I got hold of the Web.config file and I found something interesting. While publishing the site, the web.config was modified to add another connectionstring with the name of context_DatabasePublish.
This string had following details connectionString="ContextName_DatabasePublish.ConnetionString" providerName="System.Data.SqlClient"
Also there was a new section called context added to the entityframework section of the config file with all the details for the context to use but again pointing to same connection string. The provider it is using is sql and not sqlce. I believe that is the reason it was failing.
I uploaded my normal config file and the site started working. I need to explore more on to why and how the new connection string got added. I will post the details in comments.