Add Google SMTP support

[ksatter]

Fleet version: 4.13.2

Operating system: Ubuntu 20.4.0

Web browser: Chrome 101.0.4951.41

---

🧑‍💻  Expected behavior

After adding Google SMTP settings and receiving a confirmation email confirming that SMTP was configured, I should be able to invite new users to my Fleet instance.

💥  Actual behavior

When adding a new user with the "Invite user" option, I receive the following errors:

• In the UI: "Could not create user. Please try again"
• In the console: 500error for POST request to {baseURL}/api.latest/fleet/invites

This is the response received from the failed request to /invites:

{
  "message": "535 5.7.8 Username and Password not accepted. Learn more at\n5.7.8  https://support.google.com/mail/?p=BadCredentials bm12-20020a0568081a8c00b00325cda1ffb3sm3647059oib.50 - gsmtp",
  "errors": [
    {
      "name": "base",
      "reason": "535 5.7.8 Username and Password not accepted. Learn more at\n5.7.8  https://support.google.com/mail/?p=BadCredentials bm12-20020a0568081a8c00b00325cda1ffb3sm3647059oib.50 - gsmtp"
    }
  ]
}

The new user does show up in the list of users, but an invite is never sent.

More info

I am using an App password for the SMTP settings and have verified that a successful login is reflected there.

Attempted using both the standard Google SMTP and the SMTP relay service, trying again 24 hours after first enabling the service for my workspace.

Hopefully, we can narrow down where the breakdown in communication is happening between the SMTP server and Fleet!

[lukeheath]

@ksatter Digging around Google docs and it looks like this is recommended approach to configure an outbound SMTP server: SMTP relay: Route outgoing non-Gmail messages through Google. Are these steps you took when reproducing the issue?

[lukeheath]

Unfortunately gsuite admin access is required to set this up:

"Your current account, luke@fleetdm.com, doesn't have permission to do these steps. To continue, switch to an administrator account. This will open the Google Admin console."

So to validate that this works we'll need to involve someone with admin access.

[ksatter]

@lukeheath I did try that route. And waited 24 hours after enabling it to make sure it trickled down to my user (I used my personal Google workspace)

[lukeheath]

Digging into this more and I feel confident it is not a frontend issue. I configured SMTP using mailhog and confirmed that inviting a user returned successful and properly sent the email.

@chiiph I think involving one of the infrastructure engineers may be helpful to dig into Gmail configuration further and look for potential issues. I'm assigning this over to you to determine who you'd like to involve in debugging this further.

[ksatter]

@chiiph Is this looking like it's a Google issue, or are we still digging in?

[chiiph]

We haven't been able to devote time to this just yet. The hunch is that it's a Google thing, though, yes.

[xpkoala]

@chiiph I'm going to attempt reproduction of this today, if this issue is still occurring we would like to get this issue prioritized for release.

[smaddock]

Reproduced this with our Google Workspace account using https://support.google.com/a/answer/176600 ... guess this is good a time as any to sign up for Mailgun

[fleet-release]

---

Clouds shimmer shining,
Google SMTP support enabled,
Smoothly invites sent.