snipe / snipe-it

A free open source IT asset/license management system
https://snipeitapp.com
GNU Affero General Public License v3.0

Issue sending SMTP email thru Amazon SES #8831

Open TheMrDrProf opened 3 years ago

TheMrDrProf commented 3 years ago


Describe the bug

Failure to send emails using SMTP and AWS SES. This may be a niche case.

To Reproduce

Checkout Item Email fails

Expected behavior

Email to send on checkout


Error Messages

(1/1) ErrorException
stream_socket_enable_crypto(): Peer certificate CN=`MY SERVERS HOSTNAME' did not match expected CN=`email-smtp.us-east-1.amazonaws.com'

in StreamBuffer.php line 94
at HandleExceptions->handleError(2, 'stream_socket_enable_crypto(): Peer certificate CN=`MY SERVER HOSTNAME\' did not match expected CN=`email-smtp.us-east-1.amazonaws.com\'', '/home/USER/public_html/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php', 94, array())
at stream_socket_enable_crypto(resource, true, 57) in StreamBuffer.php line 94
at Swift_Transport_StreamBuffer->startTLS() in EsmtpTransport.php line 348
at Swift_Transport_EsmtpTransport->doHeloCommand() in AbstractSmtpTransport.php line 148
at Swift_Transport_AbstractSmtpTransport->start() in Mailer.php line 65
at Swift_Mailer->send(object(Swift_Message), array()) in Mailer.php line 486
at Mailer->sendSwiftMessage(object(Swift_Message)) in Mailer.php line 261
at Mailer->send(object(HtmlString), array('level' => 'info', 'subject' => 'SUBJ', 'greeting' => null, 'salutation' => null, 'introLines' => array(), 'outroLines' => array(), 'actionText' => null, 'actionUrl' => null, 'displayableActionUrl' => '', 'item' => object(Asset), 'admin' => object(User), 'note' => 'system test', 'target' => object(User), 'fields' => array(), 'eula' => ' EULA ', 'req_accept' => 1, 'accept_url' => 'URL', 'last_checkout' => '2020-11-29', 'expected_checkin' => '', 'laravel_notification_id' => '5bfc36bd-b7d6-486d-ab23-cc3f037f4ce3', 'laravel_notification' => 'App\Notifications\CheckoutAssetNotification', 'laravel_notification_queued' => false, 'message' => object(Message)), object(Closure)) in MailChannel.php line 65
at MailChannel->send(object(User), object(CheckoutAssetNotification)) in NotificationSender.php line 146
at NotificationSender->sendToNotifiable(object(User), '5bfc36bd-b7d6-486d-ab23-cc3f037f4ce3', object(CheckoutAssetNotification), 'mail') in NotificationSender.php line 105
at NotificationSender->Illuminate\Notifications{closure}() in Localizable.php line 29
at NotificationSender->withLocale('en', object(Closure)) in NotificationSender.php line 107
at NotificationSender->sendNow(object(Collection), object(CheckoutAssetNotification)) in NotificationSender.php line 79
at NotificationSender->send(object(Collection), object(CheckoutAssetNotification)) in ChannelManager.php line 39
at ChannelManager->send(object(Collection), object(CheckoutAssetNotification)) in Facade.php line 261
at Facade::callStatic('send', array(object(Collection), object(CheckoutAssetNotification))) in CheckoutableListener.php line 51
at CheckoutableListener->onCheckedOut(object(CheckoutableCheckedOut))
at call_user_func_array(array(object(CheckoutableListener), 'onCheckedOut'), array(object(CheckoutableCheckedOut))) in Dispatcher.php line 388
at Dispatcher->Illuminate\Events{closure}('App\Events\CheckoutableCheckedOut', array(object(CheckoutableCheckedOut))) in Dispatcher.php line 218
at Dispatcher->dispatch('App\Events\CheckoutableCheckedOut') in helpers.php line 477
at event(object(CheckoutableCheckedOut)) in Asset.php line 312
at Asset->checkOut(object(User), object(User), '2020-11-29 14:26:46', '', 'system test', 'SPRINGFIELD M-14 RIFLE') in AssetCheckoutController.php line 78
at AssetCheckoutController->store(object(AssetCheckoutRequest), '502')
at call_user_func_array(array(object(AssetCheckoutController), 'store'), array(object(AssetCheckoutRequest), 'assetId' => '502')) in Controller.php line 54
at Controller->callAction('store', array(object(AssetCheckoutRequest), 'assetId' => '502')) in ControllerDispatcher.php line 45
at ControllerDispatcher->dispatch(object(Route), object(AssetCheckoutController), 'store') in Route.php line 219
at Route->runController() in Route.php line 176
at Route->run() in Router.php line 681
at Router->Illuminate\Routing{closure}(object(Request)) in Pipeline.php line 130
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Authenticate.php line 43
at Authenticate->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in AssetCountForSidebar.php line 56
at AssetCountForSidebar->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in CreateFreshApiToken.php line 50
at CreateFreshApiToken->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in CheckForTwoFactor.php line 41
at CheckForTwoFactor->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in CheckLocale.php line 37
at CheckLocale->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in VerifyCsrfToken.php line 76
at VerifyCsrfToken->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in AddQueuedCookiesToResponse.php line 37
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in EncryptCookies.php line 66
at EncryptCookies->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 105
at Pipeline->then(object(Closure)) in Router.php line 683
at Router->runRouteWithinStack(object(Route), object(Request)) in Router.php line 658
at Router->runRoute(object(Request), object(Route)) in Router.php line 624
at Router->dispatchToRoute(object(Request)) in Router.php line 613
at Router->dispatch(object(Request)) in Kernel.php line 170
at Kernel->Illuminate\Foundation\Http{closure}(object(Request)) in Pipeline.php line 130
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in InjectDebugbar.php line 65
at InjectDebugbar->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in SecurityHeaders.php line 26
at SecurityHeaders->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in TransformsRequest.php line 21
at TransformsRequest->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in CheckForDebug.php line 25
at CheckForDebug->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in CheckForSetup.php line 26
at CheckForSetup->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in TrustProxies.php line 57
at TrustProxies->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in ShareErrorsFromSession.php line 49
at ShareErrorsFromSession->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in StartSession.php line 56
at StartSession->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in CheckForMaintenanceMode.php line 63
at CheckForMaintenanceMode->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in HandlePreflight.php line 29
at HandlePreflight->handle(object(Request), object(Closure)) in Pipeline.php line 171
at Pipeline->Illuminate\Pipeline{closure}(object(Request)) in Pipeline.php line 105
at Pipeline->then(object(Closure)) in Kernel.php line 145
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 110
at Kernel->handle(object(Request)) in index.php line 58

Additional context

Previously used this install on a docker container and it worked fine behind an NGINX/LetsEncrypt Reverse Proxy. When switching to cPanel, I made the account, modified the HTTP/HTTPS DocRoot to /home/USER/public_html/public, installed the code using the Git method, restored the backup from the docker install, created the .env, and the website works fine. The only issue I am having is this email sending. I am using SMTP to attempt to send thru AWS SES. Somehow it seems as though SwiftMailer is connecting to my local SMTP server and failing the certificate verification. I used SES in the docker container and never had this issue.

I did a NSLOOKUP from the cPanel account that runs the site, and from Root and received the following:

[USER@HOST ~]$ nslookup
email-smtp.us-east-1.amazonaws.com
Server: LOCAL DNS
Address: LOCAL DNS#53

Non-authoritative answer:
Name: email-smtp.us-east-1.amazonaws.com
Address: 34.204.209.33
Name: email-smtp.us-east-1.amazonaws.com
Address: 3.220.235.182
Name: email-smtp.us-east-1.amazonaws.com
Address: 18.207.19.134
Name: email-smtp.us-east-1.amazonaws.com
Address: 18.208.5.14
Name: email-smtp.us-east-1.amazonaws.com
Address: 34.201.206.179
Name: email-smtp.us-east-1.amazonaws.com
Address: 35.170.124.17
Name: email-smtp.us-east-1.amazonaws.com
Address: 35.173.114.104
Name: email-smtp.us-east-1.amazonaws.com
Address: 54.158.33.92

So the issue doesn't appear to be DNS related. My .env mail settings are:

# --------------------------------------------
# REQUIRED: OUTGOING MAIL SERVER SETTINGS
# --------------------------------------------
MAIL_DRIVER=smtp
MAIL_HOST=email-smtp.us-east-1.amazonaws.com
MAIL_PORT=587
MAIL_USERNAME=
MAIL_PASSWORD=
MAIL_ENCRYPTION=TLS
MAIL_FROM_ADDR=
MAIL_FROM_NAME=''
MAIL_REPLYTO_ADDR=
MAIL_REPLYTO_NAME=''
MAIL_AUTO_EMBED_METHOD='attachment'

I switched to the 'mail' driver, and everything worked, sending thru cPanel, however the server does not have a high quality IP, so I need to use the SMTP driver. I will use mail in the interim, but I am hoping we can get this figured out. Let me know what you need from me and what I can do to help.

welcome[bot] commented 3 years ago

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

snipe commented 3 years ago

Hm - we use SES for our hosted customers, so there shouldn't be any issues. Do you have any kind of firewall or MITM setup? Those settings look right to me (except for the missing values of MAIL_FROM_NAME and MAIL_REPLYTO_ADDR)

TheMrDrProf commented 3 years ago

> Hm - we use SES for our hosted customers, so there shouldn't be any issues. Do you have any kind of firewall or MITM setup? Those settings look right to me (except for the missing values of MAIL_FROM_NAME and MAIL_REPLYTO_ADDR)

There is a firewall in place, but there are no restrictions in place for outbound traffic. Server is bare metal and directly connected to a switch and to the router/firewall. I have the MAIL_FROM_NAME and MAIL_REPLYTO_ADDR filled in in my .env -- looks like GitHub did something with those. I used the LinuxServer.io docker container with these settings previously and it worked fine, which makes me think environment might be an issue, but I am unsure what to do to move forward on diagnosis. The scripts have the necessary permissions and account capabilities to make calls out.

If you have any thoughts or ideas for diagnosis, I'm all for it. Thanks for your help!

snipe commented 1 year ago

I'm going to guess you figured out a workaround for this, since it's very old? :)
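
A diagnostic for the symptom in this thread, added here as an example (it is not code from Snipe-IT or SwiftMailer): it repeats the plaintext SMTP exchange up to STARTTLS, then verifies the certificate against the configured MAIL_HOST and reports the host name the answering server announces in its banner. The function names and the `probe.invalid` EHLO name are assumptions of this example.

```python
import socket
import ssl

def read_reply(f):
    """Read one SMTP reply; "250-..." lines continue, "250 ..." ends it."""
    lines = []
    while True:
        raw = f.readline()
        if not raw:
            raise ConnectionError("server closed the connection")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        lines.append(line[4:])
        if line[3:4] != "-":
            return int(line[:3]), lines

def smtp_preamble(sock, helo_name="probe.invalid"):
    """Plaintext part of the exchange: banner, EHLO, STARTTLS."""
    with sock.makefile("rb") as f:
        _, banner = read_reply(f)
        sock.sendall(f"EHLO {helo_name}\r\n".encode("ascii"))
        _, ehlo = read_reply(f)
        sock.sendall(b"STARTTLS\r\n")
        code, _ = read_reply(f)
    return {
        # Host name the answering server announces for itself.
        "banner_host": (banner[0].split() or ["?"])[0],
        "starttls_offered": any(l.upper().startswith("STARTTLS") for l in ehlo[1:]),
        "starttls_accepted": code == 220,
    }

def probe(host, port=587, timeout=10):
    """Connect as the mailer would and verify the certificate against host."""
    sock = socket.create_connection((host, port), timeout=timeout)
    result = smtp_preamble(sock)
    result.update(expected=host, tls_ok=False, tls_error=None, cert_names=[])
    if not result["starttls_accepted"]:
        sock.close()
        return result
    ctx = ssl.create_default_context()  # CA and host name verification on
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            san = tls.getpeercert().get("subjectAltName", ())
            result.update(tls_ok=True, cert_names=[v for k, v in san if k == "DNS"])
    except ssl.SSLCertVerificationError as exc:
        result["tls_error"] = exc.verify_message  # e.g. a host name mismatch
    return result

if __name__ == "__main__":
    # Host and port are the MAIL_HOST and MAIL_PORT values from the issue.
    print(probe("email-smtp.us-east-1.amazonaws.com", 587))
```

Run it as the same system user that runs the application. A `banner_host` that names the local server together with a certificate error in `tls_error` means the connection is being answered by something other than the configured endpoint.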