OpenDS - SMTP Account Status Notification Handler - smtp

Haven't seen a lot of posts on here related to opends but it's worth a shot I guess.
I am trying to configure my server to use the SMTP Account Status Notification Handler to email users on account specifics (e.g. account disabled, password expiring soon, etc). I followed the directions in their documentation to the letter (including obviously enabling the handler) but I get no emails sent out. I've verified that the SMTP address is correct in the General Configuration section and I can manually connect to SMTP via telnet on that machine so I know that part is working. But no email is sent (double-checked spam folders and examined the mail server logs) and I'm getting nothing in the error logs for opends, it just doesn't seem to be doing anything. I feel like I must be missing something stupid, any ideas?
thanks

To receive Account status notifications with OpenDS or OpenDJ, 2 things are needed.
First you need to configure the SMTP Account Status Notification Handler, and that's what you've done.
The second thing is that you have to attach the Notification Handler to a Password Policy, most likely to the Default Password Policy that applies by default to all users (but Root DNs).
$ dsconfig -h localhost -p 4444 -D "cn=directory manager" -w password -X -n \
set-password-policy-prop --policy-name "Default Password Policy" \
--add "account-status-notification-handler:SMTP Account Status Notification Handler"
The reason for attaching the Notification Handler to a Password Policy, is that you can have different handlers for different populations, for example employee vs customers.
This is something that is too often overlooked, and I've fallen into the same trap the first time I was playing with Notification Handlers.
Kind Regards,
Ludovic Poitou
Product Manager for OpenDJ, open source Directory services in Java
http://opendj.org

Related

Google SMTP returns required authentication but it's done as an app password

I am setting up SMTP service on Airflow 2.1.2.
I get this error which is quite obvious:
smtplib.SMTPSenderRefused: (530, b'5.7.0 Authentication Required. Learn more at\n5.7.0 https://support.google.com/mail/?p=WantAuthError w5sm3433302wra.87 - gsmtp'
But authentication is done, I am using an email that has 2 steps authentication, so I created an app password and I recognized the activity in google account security tab.
My setup is:
AIRFLOW__EMAIL__EMAIL_BACKEND airflow.utils.email.send_email_smtp
AIRFLOW__SMTP__SMTP_HOST smtp.gmail.com
AIRFLOW__SMTP__SMTP_MAIL_FROM my email
AIRFLOW__SMTP__SMTP_PASSWORD my app pwd of 16 chars
AIRFLOW__SMTP__SMTP_PORT 587
AIRFLOW__SMTP__SMTP_SSL False
AIRFLOW__SMTP__SMTP_STARTTLS True
AIRFLOW__SMTP__SMTP_USER my email
I checked and there is no extra space or something like that either in pwd or email.
Why is it returning required authentication when authentication is really done?
Not sure why it is not working. But do you see the "Fetching SMTP credentials from configuration variables will be deprecated in a future" warning? You should if your environment variables will be used.
If you do not see it, then you likely have smtp_default connection in the Connection database.
In Airflow 2 the authentication for SMTP has been brought to the same level as other connections and rather than passing user/password via environment variable, they should be configured as login/password in the 'smtp_default' connection.
The variables should still work as fallback, but if you already have smtp_default connection created and it has some login/password (even empty) configured, those will be used instead of the ENV vars.
In your case likely the solution will be to set login/password in the connection.
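The fallback order this answer describes, modelled as an added example (not Airflow's source and not part of the original answer). The `Conn` tuple, the function name and the sample values are constructed, and skipping AUTH when the credentials are empty is an assumption that would account for the 530 reply in the question.

```python
from typing import NamedTuple, Optional

class Conn(NamedTuple):
    """Stand-in for a stored 'smtp_default' connection (constructed)."""
    login: Optional[str]
    password: Optional[str]

def resolve_smtp_credentials(conn: Optional[Conn], env: dict):
    """Return (user, password, source, will_authenticate)."""
    user = password = None
    source = "none"
    if conn is not None:
        # Values stored on the connection win, even when they are empty strings.
        user, password, source = conn.login, conn.password, "connection"
    if user is None or password is None:
        # Only a missing connection (or None fields) falls back to the ENV vars.
        user = env.get("AIRFLOW__SMTP__SMTP_USER")
        password = env.get("AIRFLOW__SMTP__SMTP_PASSWORD")
        source = "environment"
    # Assumption: AUTH is only attempted with a non-empty user and password.
    return user, password, source, bool(user and password)

ENV = {  # constructed sample values
    "AIRFLOW__SMTP__SMTP_USER": "me@example.com",
    "AIRFLOW__SMTP__SMTP_PASSWORD": "abcdabcdabcdabcd",
}

def demo():
    return {
        "no connection": resolve_smtp_credentials(None, ENV),
        "empty connection": resolve_smtp_credentials(Conn("", ""), ENV),
        "filled connection": resolve_smtp_credentials(Conn("me@example.com", "app-pw"), ENV),
    }

if __name__ == "__main__":
    for case, (user, _pw, source, auth) in demo().items():
        print(f"{case:18} source={source:11} user={user!r:18} AUTH sent={auth}")
```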

Msmtprc SMTP with Office365

I am configuring msmtprc smtp to send an outbound email and having trouble with office365. It's working fine with Gmail account, but I am getting the following error with office 365.
msmtp: authentication failed (method LOGIN)
msmtp: server message: 535 5.7.3 Authentication unsuccessful [BN6PR13CA0016.namprd13.prod.outlook.com]
msmtp: could not send mail (account default from /etc/msmtprc)
/var/log/msmtp.log
Authentication unsuccessful [BN6PR13CA0016.namprd13.prod.outlook.com]' errormsg='authentication failed (method LOGIN)' exitcode=EX_NOPERM
/etc/msmtprc
defaults
auth on
logfile /var/log/msmtp.log
account office
host smtp.office365.com
port 587
protocol smtp
from support@example.net
user support@example.net
password *******
tls on
tls_starttls on
tls_trust_file /etc/pki/tls/certs/ca-bundle.crt
Does anyone successfully use Msmtprc with office365?
Thank you.
I've been successfully using msmtp fine for quite some time, using the following settings (on a CentOS 7 box), but with the config in $HOME/.msmtprc since it's just for my user rather than globally:
account default
host smtp.office365.com
port 587
tls on
tls_starttls on
tls_trust_file /etc/ssl/certs/ca-bundle.crt
tls_certcheck on
auth on
user username@example.com
passwordeval pass office365.com
from username@example.com
logfile ~/.msmtp.d/msmtp.log
..so this is 99% the same as yours except that instead of having the password in the file I'm using passwordeval to provide it via the output of the given command.
Perhaps multiple spaces between password and the password itself is causing the spaces to be added to the start of the password?
You could also try running msmtp so that it has a controlling terminal (i.e. run from the shell rather than via the service manager as with systemctl) to test whether providing it the password that way works as expected?

Failure Sending Mail using GSuite SMTP

I have a very curious issue with an application. When debugging locally, I can send emails just fine using a client's G Suite email credentials:
<smtp deliveryMethod="Network" from="client@customdomain.com">
<network defaultCredentials="false"
host="smtp.gmail.com"
port="587"
userName="client@customdomail.com"
password="supersecret"
enableSsl="true" />
</smtp>
Now, it's very important to note that the application will send just fine with the credentials when running on localhost using Visual Studio. However, when deploying to LIVE and using the exact same credentials, the application refuses to send and I only get the canned response back saying "Failure Sending mail".
I have enabled "less secure applications" in the settings and have verified the "suspicious activity" from the server's IP address. I can also log in to the Gmail account from the server using RDP and opening Firefox to go to Gmail.com.
No firewall rule has been set to block SMTP or anything on port 587.
UPDATE: the materialized error message is
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 74.125.192.108:587
74.125.192.108 being smtp.gmail.com's IP Address (or one of them, at least)
UPDATE 2: I can also not get Thunderbird on the remote server to send an email using the supplied credentials, however it can connect via IMAP and download the contents of the inbox just fine.
Well in this very specific case, it was the fault of the Amazon infrastructure this application ran on. Either Amazon themselves, or the reseller changed a policy that ended up blocking communications on ports 465, 587 and 993 (and probably others too).
The "solution" was to nag them to sort it out.
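An added diagnostic (not from the original post) that separates the failure in this thread, a silent timeout on the mail ports, from a refused connection or a reachable server. The function names and verdict strings are made up for this example; the default host is the one from the question.

```python
import socket

MAIL_PORTS = (465, 587, 993)  # the ports named in the answer above

def probe(host, port, timeout=5.0):
    """Classify one outbound TCP connect: 'open', 'refused', 'timeout' or 'error'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"      # TCP handshake completed
    except socket.timeout:
        return "timeout"       # no answer at all: typical of a filter dropping packets
    except ConnectionRefusedError:
        return "refused"       # host reachable, but nothing accepts on that port
    except OSError:
        return "error"         # DNS failure, no route to host, and so on

def probe_ports(host, ports=MAIL_PORTS, timeout=5.0):
    """Probe every port and return {port: state}."""
    return {port: probe(host, port, timeout) for port in ports}

def diagnose(results):
    """Turn per-port states into a hint about where to look next."""
    states = set(results.values())
    if states == {"open"}:
        return "reachable"     # network path is fine: look at TLS and credentials
    if states == {"timeout"}:
        return "filtered"      # every port times out: suspect egress filtering
    return "mixed"             # compare the ports individually

if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "smtp.gmail.com"
    results = probe_ports(host)
    for port, state in results.items():
        print(f"{host}:{port} -> {state}")
    print("verdict:", diagnose(results))
```

Run it from the affected server and from a machine where sending works; a "filtered" verdict on the server only points at the hosting network rather than the account.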

Implementing an intelligent relay with an SMTP server/client

I need to implement an intelligent mailing list/relay (on Linux). The idea is that:
The server receives emails to a list address
It parses the mail, and confirms that it's from a trusted source
It looks up a list of recipients in a local database
It does some minor processing on the incoming mail, and sends it out to the list
It returns any bounce messages to the original sender
The server already has sendmail installed, but I can use another MTA if necessary.
This sounds straightforward, and sendmail already has a database look-up capability. However, I don't think this is particularly flexible, and I don't want to give sendmail independent access to my database.
The closest I've come to an existing solution is E-MailRelay, which looks good, but I don't want the overhead of integrating it if I can avoid it.
I'd appreciate a sanity check on my Plan B before starting it, or alternative suggestions. I haven't found any useful docs on this and the Sendmail book doesn't seem to have anything relevant in it.
What I'm thinking about is:
Implement an SMTP delivery agent for sendmail, and have sendmail and the DA running on the same server, with the DA listening on some unspecified port (which?)
Sendmail presumably acts as an SMTP client when connecting to the DA, and my DA will respond to MAIL/RCPT/DATA commands
The DA processes the received mail, which will be either a message out to the mailing list, or a bounce, or possibly a response
The DA then switches to client mode, connects to sendmail, and issues MAIL/RCPT/DATA commands to return the response to the original sender
Does this make sense? Thanks.
This turned out to be pretty straightforward, although I didn't use a sendmail delivery agent - I just did everything in SMTP. The server has two IP addresses, and sendmail is already listening on port 25 on IP#1.
I wrote an SMTP proxy which listens on port 25 on IP#2. This runs an SMTP server, which accepts incoming messages, and re-writes them. It then connects (as a client) to port 25 on IP#1, sending the re-written message to sendmail. sendmail then handles transmission to the re-written destination addresses. This is all transparent to the original mail client.
Not sure how I'd do this if the server only had one IP address, though.
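The rewrite step of such a proxy, as an added example (not the poster's code): it checks the envelope sender against a trusted set, expands the list address, and leaves the envelope sender unchanged so that sendmail returns bounces to the original sender. The list address, trusted set, recipient table and `List-Id` value are constructed, and rejecting null-sender mail at the list address is a design choice of this example.

```python
from email import message_from_bytes, policy

# Constructed sample data; RECIPIENTS stands in for the local database lookup.
LIST_ADDR = "staff@lists.example.org"
TRUSTED = {"alice@example.org"}
RECIPIENTS = {LIST_ADDR: ["bob@example.org", "carol@example.org"]}

class Rejected(Exception):
    """Carries the SMTP reply the proxy should return to the client."""

def rewrite(mail_from, rcpt_to, raw):
    """Return (envelope_from, envelope_to, message_bytes) to pass on to sendmail.

    mail_from and rcpt_to are bare addresses taken from MAIL FROM / RCPT TO.
    """
    sender = mail_from.strip().lower()
    if not sender:
        # Null reverse-path means a bounce; expanding it to the list would loop.
        raise Rejected("550 bounces are not accepted at the list address")
    if sender not in TRUSTED:
        # The envelope sender is client-supplied, so this check is only as
        # strong as the controls on who may connect to the proxy.
        raise Rejected("550 sender not authorised for this list")
    targets = []
    for rcpt in rcpt_to:
        members = RECIPIENTS.get(rcpt.strip().lower())
        if members is None:
            raise Rejected("550 no such list")
        targets.extend(m for m in members if m not in targets)
    msg = message_from_bytes(raw, policy=policy.SMTP)
    del msg["List-Id"]                            # drop any client-supplied value
    msg["List-Id"] = "<staff.lists.example.org>"  # the "minor processing"
    # Envelope sender is left unchanged, so sendmail returns bounces to it.
    return sender, targets, msg.as_bytes()

SAMPLE = (b"From: alice@example.org\r\nTo: staff@lists.example.org\r\n"
          b"Subject: rota\r\n\r\nNew rota attached.\r\n")  # constructed message

if __name__ == "__main__":
    env_from, env_to, out = rewrite("alice@example.org", [LIST_ADDR], SAMPLE)
    print("MAIL FROM:", env_from)
    print("RCPT TO:  ", env_to)
    print(out.decode())
```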

Need help setup windows server 2008 SMTP server

I am trying to set up windows server 2008 smtp server to relay emails to gmail smtp. Everything appears to be set up but it is not sending emails. Could you please help me figure out what's wrong.
Below is the setup:
Windows server 2008 with SMTP server feature installed. Need SMTP server to forward all messages to gmail smtp server to send.
I have google apps setup for my domain, also I can send emails through my test app using gmail smtp.
SMTP Server Configuration: By default has default smtp server virtual directory.
In Properties of that virtual smtp server changed following.
Fully qualified domain name = mydomain.com
smart host = smtp.gmail.com
TCP Port = 587
Out Bound Security = Basic Authentication(my username password for google apps email account)
In domains list under virtual smtp server. I have one default domain that's server dns. I added another one for my domain name.
With above setup I am trying to redirect all email to gmail smtp.
I tested connection to smtp.gmail.com from server on port 587 through telnet and it works.
I am trying to use above server from my web application also by just dropping emails in pickup directory. It gets picked up and also accepts request from web application but never sends an email.
I can see that it adds those emails in queue folder but it stays there forever.
When I try to send emails from web app to above server it rejects if To address is other than my domain. (Am I missing something in list of domains?)
Thanks for all answers, finally found the solution: there is a property for maximum sessions whose value was 0 by default. Changed it to 100 and it sent all pending emails immediately.
Possible reasons are that some SMTP servers block the outgoing messages if there is a domain name mismatch, possibly to prevent spam mails from being sent. So for example, I will not be able to send my email with an address abc@mydomain.com from my domain yourdomain.com.
Hope that helps.
Ensure your sending domain is the same as the google apps domain
Ensure your sending address is a real address and not just an alias
IIRC you need to use STARTTLS (SSL) not basic authentication
This sounds like a DNS issue. Check your /badmail directory. It will have .bad and .bdp files in there. You can open these in notepad (there will be some binary in there).
However, it may point to the possible problem.
You may also want to try and enable logging on the SMTP service. There may be something in there.