Here's one of the most strangest problems i've ever seen in my life as developer:
I have a website running CakePHP (lastest version, always) and when I send an email to someone (using Yahoo, Hotmail or YopMail), let's say a "remember my password" message, the CakePHP don't work properly.
What should happend: user acess the website using the link sent via email, internal process (generating the new password and sending it via email to the user), redirect the user to the homepage with a message "Your new password was sent by email".
The problem is that when the user clicks the link he's redirected to the homepage without any session variables... And there's no generated email!
But if I send the SAME link to someone using gMail it works like a charm.
Do you have any clue about where I should start?
It was some problem with the security level... I lowered it to "low" and it worked.
If it works in GMAIL, but not in YAHOO, then it sounds like yahoo is filtering your message. It's possible your wording triggers their spam or exploit filter. Just as a test, try sending the same link as an image link instead of using text. see if that works for yahoo.
Related
Yesterday I started noticing that the keycloak emails for required user actions are containing HTML characters inside the URL that is being sent for the required action.
example: /auth/realms/EasyDox/login-actions/action-token?key=eyJhbGciOiJIUzI1NiI
This of course gives me an error on the keycloak page
If I change the characters = to = in the URL, it works fine and I am able to do the password reset.
Note that we are using mailjet to send emails through our custom domain.
I really don't know where the issue is since before yesterday everything was working fine, and I'm kind of lost on what to look for.
If anyone has any suggestions what to try since we have customers that are connected to this keycloak, and some of them can't log in since they forgot their password.
I managed to solve this by moving our mail sending from Mailjet to SendGrid. It had nothing to do with keycloak.
I have a keycloak (4.4.0-Final) installation.
Scenario:
sendgrid is configured as mail agent (and test mail sending is ok)
I create a new user in keycloak admin console and I pass it the action "verify email"
I get an email with a link to verify my email address, but when I click the link, I get the error "We're sorry...
An error occurred, please login again through your application."
I now have a closer look at the URL and I see 2 times = => http://keycloakurl/.....login-actions/action-token?key=eyJhbGciOiJIUzUx...&client_id=client-...
When I change = to = , the url works.
Does someone know if this is a bug in sendgrid, or a bug in the keycloak templates?
I know you have moved ahead with Mailjet but I would like to share my solution here as it may help others. I noticed this issue only happens if Email Tracking is enabled at SendGrid side. Try after disabling all tracking configurations under Setting -> Tracking screen.
The issue was not keycloak, but sendgrid (ref: https://issues.jboss.org/browse/KEYCLOAK-8536). We fixed the issue by dropping sendgrid and going to mailjet.
I have set up a magento store of my own for my business of grocery products.
I have almost configured each and everything.
I have a mail server and can have as many email addresses as I require.
I have a theme set up for the store.
While a user tries to log in and has forgot a password, there is a link to click saying "Forgot Password".
On clicking it, it displays "An email has been sent to your account with new password details."
I know this will not send an email as I have to configure entire system.
I do not want to send a new password by email. Instead I want to send a link. On clicking this link, the user can go the it and have an option of password reset.
Please help me with this. It will be much much appreciated.
Magento's standard "Forgot Password" functionality works exactly as you've described - it sends a link to the user to reset his or her password - it doesn't just send a new password.
Magento uses Zend_Mail to send emails. By default, Zend_Mail will use PHP's mail() function (via Zend_Mail_Transport_Sendmail), which will usually send emails via sendmail or similar, depending on the PHP configuration.
If you have your own mail server that you'd prefer to use, you can configure Magento to use SMTP. This does require some code, but, luckily, there are some good extensions out there that already do this, like aschroder/Magento-SMTP-Pro-Email-Extension.
I am having some hard time getting my PHP script to send emails with a SMTP Gmail account. I am using PHP and Symfony2 SwiftMailer, but it seems that the problem lies with my Gmail account configuration. In my logs, I end up with the following error message:
"ERROR - Exception occurred while flushing email queue: Failed to authenticate on SMTP server with username "new.user.name#gmail.com" using 1 possible authenticators"
Luckily, I had another Gmail account working with another application, seemlessly. Rescuing these parameters (user and password) on my new box, eveything works just fine.
in parameters.yml I have (working fine):
parameters:
mailer_transport: gmail
mailer_host: ~
mailer_user: old.user.account#gmail.com
mailer_password: old-password
And here is the version giving auth error message:
parameters:
mailer_transport: gmail
mailer_host: ~
mailer_user: new.user.account#gmail.com
mailer_password: new-password
Needless to say I have checked, rechecked and checked yet again user and password.
I reviewed my Gmail account settings under "Forwarding and POP/IMAP" in my new account: I could find nothing about SMTP.
Searches made me aware some captcha policy may interfere with SMTP accounts. I read here that I should try to enter a captcha phrase, which I do here, and get the nice message:"Account access enabled", "Please try signing in to your Google account again from your new device or application."
Trying again. No luck.
All this is happening from my local dev environment (both OK mails, and NOT OK mails).
How I could get to use SMTP with a newly created Gmail Account ? Any idea ?
Actually, double-checking my inbox, I saw I received a mail from Google explaining someone was trying to enter my account. There, I found a link to the configuration parameter I was looking for:
https://www.google.com/settings/security/lesssecureapps
==> I just had to check: "Make my account less secure.", and was able to get mails sent.
In the mean time, I have found that Gmail SMTP service is getting pretty unrelyable and introduces captcha every now and again (here). I seems there is not much you can do about it. On the other hand, I read stronger passwords seem to help in some cases (here).
I must also say that with a newly created account, I was not able to get this working. Even unchecking the "make my account overly secure" option. It really looks like Gmail is phasing out its SMTP service.
UPDATE
I wanted to mention that there are some excellent and free (or very, very cheap for high volumes) alternatives for sending emails. For example, you could check Mandrill, SendGrid or Amazon SES, among others.
Using the link https://www.google.com/settings/security/lesssecureapps gave me the message: this setting is disabled by your administrator.
I had to go to admin.google.com and login with the same account details and look for the same setting there. Full url was https://admin.google.com/AdminHome#ServiceSettings/notab=1&service=securitysetting&subtab=lesssecureappsaccess
Then the first link worked, so also there I enabled less secure apps. Now I was able to use Gmails SMTP.
Maybe this helps someone: I had the same encounter with gmail, but in my case, when I logged into the gmail account that I configured in my code as SMTP mail sender user, I was greeted by a warning message saying that somebody tried to use my user and pass and that attempt was blocked (hence my error message). It asked me to confirm if that was me or not, so after I clicked the 'That was me' button and tried my code again all worked fine.
Making my account less secure helped me https://myaccount.google.com/lesssecureapps
I'm building a website that allows user to connect using Facebook Connect. So far I'm able to log the user in and fetch data about them (name, email, pic, etc.). If I fetch the email (using Users.getInfo) I get a proxied email (apps+blahblah#facebook.com), which is absolutely great. Problem is, that email doesn't work. I've tried sending an email to it and I never received it. There are two reasons I see that could cause this:
I don't have enough permissions. Ok, I can understand that, but if I don't have enough permissions then why are they returning an email at all?
The email has to be somehow sent from the application itself (I've tried sending it from my Gmail account) -- but how would Facebook know that the email is coming from the application?
So which is it? Or is it something else?
I have recently been looking into this as well.
I did find some guidelines on http://www.insidefacebook.com/2010/01/15/facebook-platform-email-sharing-api-proxy-email-service-going-live-in-5-days/
here is the most important part:
Emails you send must clearly indicate that they are from you and must not appear to be from Facebook or anyone else. For example, you must not include Facebook logos or brand assets in your emails, and you must not mention Facebook in the subject line, “from” line, or body header. All emails to users must originate from the same domain, and you must provide us with the name of that domain in the Facebook Developer application used to manage your application.
I have already found that if you do not have the address in the from as #facebookappmail.com
might even have to be appname#facebookappmail.com the emails will bounce. So sending from your gmail will not work, the "blah blah blah" in the proxy contains the application information of the application that had the permissions to get that email.