Smtp validation loads always localhost

pglombardo / PasswordPusher

🔐 Securely communicate sensitive information with automatic deletion after a certain number of views and/or time has passed. Track who, what and when with full audit logs.

https://pwpush.com

Apache License 2.0

1.78k stars 329 forks source link

Smtp validation loads always localhost #2001

Open slim-azaiz opened 3 months ago

slim-azaiz commented 3 months ago

🐛 Bug Report

I tried to test smtp validation, but it gets always localhost as server smtp even if i have well configured the settings.yml

🔬 How To Reproduce

Steps to reproduce the behavior:

Code sample

./bin/rails console
Rails.application.config.action_mailer.smtp_settings

{:address=>"server",
 :port=>24,
 :user_name=>nil,
 :password=>nil,
 :authentication=>"plain",
 :enable_starttls_auto=>true,
 :open_timeout=>10,
 :read_timeout=>10}

Mail.deliver do
  to '<mail>'
  from 'user'
  subject 'testing mail'
  body 'testing mail'
end

/opt/PasswordPusher/vendor/bundle/ruby/3.2.0/gems/net-smtp-0.4.0.1/lib/net/smtp.rb:631:in `initialize': Connection refused - connect(2) for "localhost" port 25 (Errno::ECONNREFUSED)

github-actions[bot] commented 3 months ago

Hello @slim-azaiz, thanks for contributing to the Password Pusher community! We will respond as soon as possible.

pglombardo commented 3 months ago

Hi @slim-azaiz - Thanks for reporting. I will take a close look at this soon. I know email is a problem for a subset of users and I haven't figured out why yet. I'll post back soon.

pglombardo commented 2 months ago

Hi @slim-azaiz - in v1.39.8, I added a tool to better flush out email issues. Could you update to that version and try this out? It should hopefully point us in the right direction.

slim-azaiz commented 2 months ago

Hello, It is working better but i can not connect to the server without authentication

{:address=>"<server_url>",
 :port=>25,
 :user_name=>"",
 :password=>"",
 :authentication=>"plain",
 :enable_starttls_auto=>nil,
 :open_timeout=>10,
 :read_timeout=>10,
 :domain=>"mousquetaires.com",
 `:openssl_verify_mode=>:none}`

I got this errror /opt/PasswordPusher/vendor/bundle/ruby/3.2.0/gems/net-smtp-0.5.0/lib/net/smtp/authenticator.rb:45:in `finish': 500 5.5.1 Command unrecognized: "AUTH PLAIN AAA=" (Net::SMTPAuthenticationError) irb(main):002> Rails.application.config.action_mailer.smtp_settings

pglombardo commented 2 months ago

Cool that is progress. This problem points to :authentication. Try setting it to nil or not setting it at all.

Here are the docs for :authentication:

:authentication - If your mail server requires authentication, you need to specify the authentication type here. This is a symbol and one of :plain (will send the password in the clear), :login (will send password Base64 encoded) or :cram_md5 (combines a Challenge/Response mechanism to exchange information and a cryptographic Message Digest 5 algorithm to hash important information)

slim-azaiz commented 2 months ago

Hello,

Thanks @pglombardo for your quick reponse. I have already tried nil( i deleted the parameter from setting file ) and falsebut i got always the same error.

I think that authentication field has default value that can not be redefined.

Regards, Slim

slim-azaiz commented 2 months ago

I am wondering if there is a bug in authentication field ?

pglombardo commented 2 months ago

Hi @slim-azaiz - In the latest releases I removed the defaults. Did you try with the latest tag yet? The update where I removed the defaults was in v1.40.7.

I think I neglected to update here. Apologies - it's a bit crazy here this week.

slim-azaiz commented 2 months ago

Hello,

I am using the latest version 1.40.10

{:address=>"<server_url>",
 :port=>25,
 :domain=>"<domain>",
 :open_timeout=>10,
 :read_timeout=>10,
 :openssl_verify_mode=>:none}
irb(main):002>
irb(main):003> TestMailer.send_test_email(<mail>).deliver_now

/opt/PasswordPusher/app/mailers/test_mailer.rb:7:in 
send_test_email : No SMTP username provided: smtp_user_name (StandardError)

There is no more the authentification field neither enable_starttls_auto

Regards, Slim

pglombardo commented 2 months ago

Hey @slim-azaiz - what type of mail server are you using and how is it configured?

slim-azaiz commented 1 month ago

It is an smtp server. I am using the last version 1.40.14 smtp_user_name is still mandatory

app/mailers/test_mailer.rb:7:in `send_test_email': No SMTP username provided: smtp_user_name (StandardError)
        from (irb):3:in `<main>'

LukaszC86 commented 2 weeks ago

~~I have the same issue with the latest version. I have internal server without authentication and currently it's impossible to deliver any messages, because bloody authentication is always turned on:~~

Failed delivery of mail 666c12f698020_e385a4522f3@85d8d8368e07.mail error_class=ArgumentError error_message="SMTP-AUTH requested but missing user name"

Update: I'm sorry, I've noticed your commit @pglombardo to the settings.yml and I've mounted my custom settings file to the container with commented out "#smtp_authentication: 'plain'" - it works perfectly now. 🥳🥳🥳

pglombardo commented 2 weeks ago

@LukaszC86 - that is very welcome news as this issue has driven me crazy. 😄

@slim-azaiz - have you had a chance to try the latest releases?