Open maxxer opened 2 years ago
Upvote for this.
I don't want to leave my email password credentials lying around in the clear where they might be found by an unauthorised person, or included in a backup.
I have an email server that is configured to accept emails from the local network without further authentication, so I should be able to use it for backup logs, but this bug means that I can't.
I'd be happy to take a pull request to make the change. What would be the proper fix here? If you could give me instructions on how you've set up your system so I could reproduce I'd be happy to take a look.
i.e. on your systems, does Send-MailMessage
work if you do not set the -Credential
argument? If so, I think it'd be a pretty easy fix.
I also have this configuration. I have a local/internal SMTP relay that accepts unauthenticated port 25 connections.
In my case I commented out the $password and $credentials lines (305, 306) because ConvertTo-SecureString pukes on an empty string. I also altered Send-Message to remove -Credential.
I think the simplest solution is to detect an empty "ResticEmailPassword" and skip those parts of the script.
Let me add my 👍 for this. I have a similar problem. Would love to see the PR merged.
👍
I'm using a local SMTP which has granted Windows server delivery without auth, but I'm unable to set up the script to work with it. I initially commented out
$ResticEmailUsername
and$ResticEmailPassword
but it complained, so I set them to an empty string, but it's still not happy.From what I can see in the sources, empty credentials are not managed. Can this be added? Thanks
P.S. side note: when or after trying to send the notification email, I get a prompt for credentials, even tough I ran restic from an Administrator shell