search

goharbor / harbor

An open source trusted cloud native registry project that stores, signs, and scans content.
https://goharbor.io
Apache License 2.0
24.17k stars 4.76k forks source link

Failed to ping email server - unrecognized authentication type #5757

Closed gischethans closed 5 years ago

gischethans commented 6 years ago

I am unable to send a test email from my new Harbor instance. We have an SMTP server that requires no authentication and does not use SSL.

Expected behaviour and actual behaviour: Expected: Email test succeeds Actual Behaviour: Error message (both in UI and ui.log) - failed to ping email server: 504 5.7.4 Unrecognized authentication type

Versions:

reasonerjt commented 6 years ago

Please let us know what Email server you are using and attach all the log files.

gischethans commented 6 years ago

I am not sure what is the email server - guess it's some Microsoft solution, could be a legacy one.

I will share the log files once I review them - do you need all the log files or specific ones? Little concerned about how to anonymize content in those log files.

reasonerjt commented 6 years ago

proxy.log and ui.log should be all we need, thanks. We don't have bandwidth to verify against all Email servers, so it's expected that the community help us in that area.

gischethans commented 6 years ago

I have attached the log files by redacting machine name and IP addresses. Please let me know if you need any more info. I will also reply back if I find the exact mail server that is being used.

proxy.log ui.log

gischethans commented 6 years ago

I approached our IT Department to know the email server details and got this reply -

The SMTP servers behind are currently running Exchange 2010 SP3.

The servers themselves support implicit SSL/TLS and explicit SSL/TLS, but some software confuses the two and only gives one setting and doesn't tell what it is trying to use. You may also see explicit called StartTLS. You will need to make sure they support TLS v1.2 as all others are deprecated.

You may be limited to StartTLS through over port 25. Authentication is not required for StartTLS typically.

gischethans commented 6 years ago

@reasonerjt, while the Harbor teams work on a possible fix, could you suggest any other email server software/configuration that might work?

ghost commented 6 years ago

Postfix is a good starting point, but is far more complex to configure than Exchange 2010. Do you have any experience configuring an MTA?

There are possibly some other workarounds (e.g., ssmtp) if you're comfortable. That might get us a bit further.

Thoughts?

gischethans commented 6 years ago

Thanks, for the suggestion @clouderati. I am not familiar with the email server configuration - our IT department handles that. Also, since we now use LDAP authentication for Harbor, until email alerts for various actions are available in Harbor, we don't have a reason to get it to work. However, I would suggest that this issue is kept open since a fix could help other Harbor users.

ghost commented 6 years ago

@gischethans – definitely reasonable until we can confirm that StartTLS works (or doesn't). Thanks for reporting the issue.

stale[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

CrystalMethod commented 5 years ago

@gischethans which port are you using?

I would expect port 25 to work without authentication - which it doesn't for me - I have to specify a user. I will try to dig into https://github.com/goharbor/harbor/blob/master/src/common/utils/email/mail.go

v1k0d3n commented 5 years ago

any status on this issue? i seem to be running into the same (or similar?) issue when using office365. it seems that office365 is a reasonably sized solution to have working with Harbor, but no matter what combination i use...it just doesn't seem to work. if settings are correct, according to MS, I get the error Failed to verify mail server with error: failed to ping email server .. not sure where to start with this one, because a dig through the logs show nothing, and when accessing the containers i can properly curl and get an icmp echo response from outlook.office365.com.

alvisisme commented 5 years ago

I use hmailserver 5.6.7 to setup my mail server(requires no smpt authentication and does not use SSL), working well with microsoft outlook. When I config the harbor, it shows "failed to ping email server". The harbor core log shows:

"failed to ping email server: 504 Authentication mechainism not supported."

The hMailServer log shows:

"RECEIVED: AUTH CRAM-MD5" "SENT: 504 Authentication mechanism not supported." "RECEIVED: *" "SENT: 503 Bad sequence of commands"

It seems like that harbor default smtp authentication mechanism is CRAM-MD5(?), which is not supported by hMailServer.

Is there any way to change the harbor smtp authentication mechanism or disable it?

Tested with

stale[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

EmteZogaf commented 5 years ago

This issue is still not fixed. We get the same errors:

==> /var/log/harbor/core.log <==
[ERROR] [/common/config/manager.go:192]: failed to get key email_password, error: the configure value is not set
[ERROR] [/common/config/manager.go:192]: failed to get key email_identity, error: the configure value is not set

[ERROR] [/core/api/email.go:113]: failed to ping email server: 535 5.7.0 Authentication failed
[ERROR] [/common/api/base.go:69]: POST /api/email/ping failed with error: {"code":400,"message":"failed to ping email server"}

Please reopen!

tiger5226 commented 5 years ago

I am also still seeing the same error in my harbor logs. Please reopen.

Sep 11 07:26:31 <scrubbed> core[113671]: 2019-09-11T11:26:31Z [ERROR] [/core/api/email.go:113]: failed to ping email server: 504 5.7.4 Unrecognized authentication type
Sep 11 07:26:31 <scrubbed> core[113671]: 2019-09-11T11:26:31Z [ERROR] [/common/api/base.go:68]: POST /api/email/ping failed with error: {"code":400,"message":"failed to ping email server"}
Sep 11 07:26:31 <scrubbed> core[113671]: 2019/09/11 11:26:31 #033[1;44m[D] [server.go:2619] |  10.101.209.35|#033[43m 400 #033[0m|  12.581326ms|   match|#033[46m POST    #033[0m /api/email/ping   r:/api/email/ping#033[0m
JerryCurl commented 5 years ago

same issue here

MScuti commented 5 years ago

same issue when use office365

SpeedBlack commented 5 years ago

Hi,

Same issue when use Exchange. Do you have any idea ?

Thansk !

tiger5226 commented 5 years ago

No, this still needs to be reopened by the go-harbor team.

zhangxpp commented 4 years ago

same issue for QQ mail. image image

harbor on k8s . Version v1.9.3-c80751b8

tiger5226 commented 4 years ago

@heww anyway we can get this reopened?

dishuihengxin commented 4 years ago

the same issue when use office365.

Eric-Fontana-Bose commented 4 years ago

Why don't you support basic auth ? Then you would get all mail servers.

tannnk commented 3 years ago

Please reopen this issue. I use an email server with no encryption and no authentication.

xiak commented 3 years ago

same issue

fredbcode commented 3 years ago

Same here

glego commented 3 years ago

Office 365 with starttls not working

jeferson-ls-ribeiro commented 2 years ago

Same here.

Roia5 commented 1 year ago

Same for Exchange!

fcmxmk commented 1 year ago

Same here.