Using gmail as SMTP server in Java web app is slow - smtp

I was wondering if anyone might be able to explain to me why it's taking nearly 30 seconds each time my Java web app sends an email using Gmail's SMTP server? See the following timestamps:
13/04/2010-22:24:27:281 DEBUG test.service.impl.SynchronousEmailService - Before sending mail.
13/04/2010-22:24:52:625 DEBUG test.service.impl.SynchronousEmailService - After sending mail.
I'm using spring's JavaMailSender class with the following settings:
email.host=smtp.gmail.com
email.username=myaccount#gmail.com
email.password=mypassword
email.port=465
mail.smtp.auth.required=true
Note that the mail is getting sent and I'm receiving it fine, there's just this delay which is resulting in a slow experience for the application user.
If you know how I can diagnose the problem myself that would be good too :)

It might be that gmail uses this delay to prevent spammers from using their SMTP server from the "outside": if the SMTP is called from the actual webmail client it would not use this delay.
In order to test this, you could open a telnet session to port 25 and do a manual SMTP session
(Search the web for SMTP HELO for examples)

GMail uses SSL for connection. To validate SSL certificate properly certain time is needed. Exact time depends on complexity of the certificate chain and use and accessibility of CRLs and OCSP checking. It's very likely that Java checks OCSPs for the certificate(s) presented, and this can be slow.
Try running your application on different system (preferably in other subnet) to exclude influence of firewalls. Maybe some part of communication (either SMTP itself, or CRL retrieval or OCSP checking) is slowed down by the firewall.

Depending on your OS, you should have a proper mail system that takes care of actually sending mails outside your network.
For instance, Postfix can do the job nicely. The configuration of Postfix would be on another thread, but typically Postfix would accept mails from your LAN (accepting to be a relay for your LAN) and would transfer the mails to gmail.
This is a exemple as to how setup postfix to have gmail as relay.
Having a mail service taking care of the relay of Gmail mails allows your Java application to be freed almost instantly (Postfix absorbs the mail, store it in its queue and forward it to Gmail itself).

Related

Failure Sending Mail using GSuite SMTP

I have a very curious issue with an application. When debugging locally, I can send emails just fine using a client's G Suite email credentials:
<smtp deliveryMethod="Network" from="client#customdomain.com">
<network defaultCredentials="false"
host="smtp.gmail.com"
port="587"
userName="client#customdomail.com"
password="supersecret"
enableSsl="true" />
</smtp>
Now, it's very important to note that the application will send just fine with the credentials when running on localhost using Visual Studio. However, when deploying to LIVE and using the exact same credentials, the application refuses to send and I only get the canned response back saying "Failure Sending mail".
I have enabled "less secure applications" in the settings and have verified the "suspicious activity" from the server's IP address. I can also log in to the Gmail account from the server using RDP and opening Firefox to go to Gmail.com.
No firewall rule has been set to block SMTP or anything on port 587.
UPDATE: the materialized error message is
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 74.125.192.108:587
74.125.192.108 being smtp.gmail.com's IP Address (or one of them, at least)
UPDATE 2: I can also not get Thunderbird on the remote server to send an email using the supplied credentials, however it can connect via IMAP and download the contents of the inbox just fine.
Well in this very specific case, it was the fault of the Amazon infrastructure this application ran on. Either amazon themselves, or the reseller changed a policy that ended up blocking communications on ports 465, 587 and 993 (and probably others too).
The "solution" was to nag them to sort it out.

Implementing an intelligent relay with an SMTP server/client

I need to implement an intelligent mailing list/relay (on Linux). The idea is that:
The server receives emails to a list address
It parses the mail, and confirms that it's from a trusted source
It looks up a list of recipients in a local database
It does some minor processing on the incoming mail, and sends it out to the list
It returns any bounce messages to the original sender
The server already has sendmail installed, but I can use another MTA if necessary.
This sounds straightforward, and sendmail already has a database look-up capability. However, I don't think this is particularly flexible, and I don't want to give sendmail independent access to my database.
The closest I've come to an existing solution is E-MailRelay, which looks good, but I don't want the overhead of integrating it if I can avoid it.
I'd appreciate a sanity check on my Plan B before starting it, or alternative suggestions. I haven't found any useful docs on this and the Sendmail book doesn't seem to have anything relevant in it.
What I'm thinking about is:
Implement an SMTP delivery agent for sendmail, and have sendmail and the DA running on the same server, with the DA listening on some unspecified port (which?)
Sendmail presumably acts as an SMTP client when connecting to the DA, and my DA will respond to MAIL/RCPT/DATA commands
The DA processes the received mail, which will be either a message out to the mailing list, or a bounce, or possibly a response
The DA then switches to client mode, connects to sendmail, and issues MAIL/RCT/DATA commands to return the response to the original sender
Does this make sense? Thanks.
This turned out to be pretty straightforward, although I didn't use a sendmail delivery agent - I just did everthing in SMTP. The server has two IP addresses, and sendmail is already listening on port 25 on IP#1.
I wrote an SMTP proxy which listens on port 25 on IP#2. This runs an SMTP server, which accepts incoming messages, and re-writes them. It then connects (as a client) to port 25 on IP#1, sending the re-written message to sendmail. sendmail then handles transmission to the re-written destination addresses. This is all transparent to the original mail client.
Not sure how I'd do this if the server only had one IP address, though.

Websocket authentication

I'm running a websocket server and asking myself, if it's planed, that clients authentication will be done with handshake in future... draft xxxx maybe :)
Do you have information? I have heard that with draft07 a session id can be sent to server, so maybe that can help to auth the client...
What I'm doing atm is to wait a maximum of 10 seconds, till the clients sends me a message with login header, username and password. But i think this is not "THE" solution. How do you guys out there doing it?
The WebSockets protocol permits standard HTTP authentication headers to be exchanged during the handshake. If you have a WebSockets server that plugs into an existing web server as a module then existing authentication in the web server should already work. Otherwise if you have a standalone WebSockets server then you may need to add the authentication support.
Update
As #Jon points out, unlike normal HTTP/XHR requests, the browser API does not allow you to set arbitrary "X-*" headers for WebSocket connections. The only header value that you can set is the protocol. This is unfortunate. One common solution is to use a ticket based system that relies on existing HTTP mechanism for authorization/authentication and then this ticket is passed along with the websocket connection and validated that way: https://devcenter.heroku.com/articles/websocket-security

Server and client side of sending an e-mail with SMTP protocol

I want to write both client and server sides of sending an e-mail also I should attend to the standard format of SMTP protocol which is specified in RFC 821.
Would you please help and guide me that how can I start it?
Why would you reinvent the wheel? There are many implementations for both sides that do a very good job and are well tested.
What feature do you miss in let's say Postfix (server) and Outlook (client)?
If you still want to start, ask yourself
how to create TCP Sockets and read/write to them
how to do connection and thread pooling
how to implement a state machine
what are you doing with related topics? (SPF, DKIM, mbox storage, Maildir storage)
what are you going to use for user authentication and authorization
(... enter hundreds of other things here ...)

Are SMTP relay requirements for System.Net.Mail different than System.Web.Mail

I deployed my web app to our production IIS 6.0 server and everything is working except when my code attempts to send email to an address that is NOT in the domain of our email server. I've seen various symptoms but this seems the most straightforward to describe:
Syntax error in parameters or arguments. The server response was: 5.7.1 This system is not configured to relay mail
My web app getting this error msg uses System.Net.Mail. It resides along with the older web app it is supposed to replace which uses System.Web.Mail. There is one SMTP server on this same machine that seems to require some new configuration regarding relay.
Checking the SMTP server properties showed nothing configured for "Relay Restrictions". The older production web app sends email without errors with the SMTP server configured as described.
So, in summary, does use of System.Net.Mail require something different for relaying email than System.Web.Mail?
The web.config for the newer version that has relay issues contains:
<system.net><mailSettings><smtp><network host="mail.cbmiweb.com" port="25"/></smtp>
I used the values above for all my testing (first on my localhost with XP IIS 5.1; then on a staging IIS 6.0 server in our LAN) and never had any "relay" problems.
The web.config for the older version using System.Web.Mail contains nothing related to SMTP!
If I suddenly need a username and password added to the smtp setting above, how come I never needed "credentials" during development?
I don't know much about SMTP and really don't even know what to ask the mail server administrator. I am very confused about what to do...thanks.
Sounds to me like the old app is sending the message directly to the recipients server and is bypassing your local mail server completely. This would have happened because your app would not have had a mail server to use configured, so it defaults back to trying to send the mail itself.
This is usually a bad idea as it can cause delays in your application depending on the recipients mail server configuration (we're talking seconds here). Further if you aren't configured to deal with things like grey lists, etc, then you can have a high number of emails that you think was sent, but never really arrived.
You should ask the mail server administrator to properly configure your local mail server to allow relaying from your machine.
OR (and this is the more secure way)
You should set up a user on your local mail server and have your app use those login credentials when attempting to send email.
The systemnetmail.com site might be helpful. Specifically the page on smtp configuration.