Hey. Since I also have a problem sending mail, I decided to check SMTP server Gmail. I used https://www.smtper.net/.
Here’s what happened:
SMTP send error
The operation has timed out.
465
SMTP send error
The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 Authentication Required. Learn more at
587
SMTP send error
The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 Authentication Required. Learn more at
25
Good. Thank.I use AWS Amazon Web service. E2C Debian 9. Originally this the distribution has no java. I installed default Java.
openjdk version "1.8.0_265"
OpenJDK Runtime Environment (build 1.8.0_265-8u265-b01-0+deb9u1-b01)
OpenJDK 64-Bit Server VM (build 25.265-b01, mixed mode)
Javac have the same version.
I check several services SMTP with https://www.smtper.net/. Yandex is being tested on all three ports 25 , 465 , 587. Gmail does not pass the test.
But even Yandex does not work for me.
In the security settings of the virtual machine, I opened all TCP traffic on the all ports.
Else, I have notification from Amazon
[spoiler]
This is the second notice regarding TLS requirements on FIPS endpoints.
We are in the process of updating all AWS Federal Information Processing Standard (FIPS) endpoints across all AWS regions to Transport Layer Security (TLS) version 1.2 by March 31, 2021 . In order to avoid an interruption in service, we encourage you to act now, by ensuring that you connect to AWS FIPS endpoints at a TLS version of 1.2. If your client applications fail to support TLS 1.2 it will result in connection failures when TLS versions below 1.2 are no longer supported.
Between now and March 31, 2021 AWS will remove TLS 1.0 and TLS 1.1 support from each FIPS endpoint where no connections below TLS 1.2 are detected over a 30-day period. After March 31, 2021 we may deploy this change to all AWS FIPS endpoints, even if there continue to be customer connections detected at TLS versions below 1.2.
We will provide additional updates and reminders on the AWS Security Blog, with a ‘TLS’ tag [1]. If you need further guidance or assistance, please contact AWS Support [2] or your Technical Account Manager (TAM). Additional information is below.
How can I identify clients that are connecting with TLS 1.0/1.1?
For customers using S3 [3], Cloudfront [4] or Application Load Balancer [5] you can use your access logs to view the TLS connection information for these services, and identify client connections that are not at TLS 1.2. If you are using the AWS Developer Tools on your clients, you can find information on how to properly configure your client’s TLS versions by visiting Tools to Build on AWS [7] or our associated AWS Security Blog has a link for each unique code language [7].
What is Transport Layer Security (TLS)?
Transport Layer Security (TLS Protocols) are cryptographic protocols designed to provide secure communication across a computer network [6].
What are AWS FIPS endpoints?
All AWS services offer Transport Layer Security (TLS) 1.2 encrypted endpoints that can be used for all API calls. Some AWS services also offer FIPS 140-2 endpoints [9] for customers that require use of FIPS validated cryptographic libraries.
[/spoiler]
Mail smtp use TLS 1.2.
I think, that the problem was caused by bad certificates. I use Automatic Let’s encrypt certificates generation.
I tried to enter incorrect login and password data into the output with the same error.
12:24:51.032 INFO - Using data dir '/home/admin/Blynk'
12:24:51.867 INFO - Region : local. Host : ***.
12:24:51.931 INFO - Using native epoll transport.
12:24:52.438 INFO - Initializing gmail smtp mail transport. Username : ***@yandex.ru. SMTP host : smtp.yandex.ru :465
12:24:52.479 INFO - Reports : 0
12:24:52.486 INFO - Didn't find Let's Encrypt certificates.
12:24:52.486 WARN - You didn't specified 'server.host' or 'contact.email' properties in server.properties file. Automatic certificate generation is turned off. Please specify above properties for automatic certificates retrieval.
12:24:52.486 INFO - Using native openSSL provider.
12:24:52.841 INFO - HTTP API and WebSockets server listening at 8080 port.
12:24:52.842 INFO - HTTPS API, WebSockets and Admin page server listening at 9443 port.
12:24:52.843 INFO - Mqtt hardware server listening at 8440 port.
12:24:57.555 INFO - ***@gmail.com Blynk-app (android-22712) joined.
12:24:59.013 ERROR- Error sending email auth token to user : ***@gmail.com. Error: Couldn't connect to host, port: smtp.yandex.ru , 465; timeout 60000
Maybe this is to blame GoDaddy?
They have a bad reputation.
Here’s what I found:
If you are running your code on Godaddy and trying to connect to some third-party SMTP provider like smtp.pepipost.com or smtp.sendgrid.com and getting some errors like this;
then nothing to really debug further, because it is because of a wried rule imposed by Godaddy on its user, where Godaddy has explicitly blocked the outgoing SMTP connection to ports 25, 587 and 465 to all external servers except for their own. Godaddy primarily wants their users to use their own SMTP instead of any third party SMTP, which is not at all an acceptable move for the developer community and many have has expressed their frustration in form of issues on StackOverflow too.