Problem sending mail

Need Help With My Project
1

Hey. Since I also have a problem sending mail, I decided to check SMTP server Gmail. I used https://www.smtper.net/.
Here’s what happened:

SMTP send error

The operation has timed out.
465

SMTP send error

The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 Authentication Required. Learn more at
587


SMTP send error

The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 Authentication Required. Learn more at
25
2

Please don’t tack onto older (and solved) topics with your new issue. I moved you to your own topic.

You may also wish to supply a lot more details of your setup/issue if you expect anyone to look at it.

3

Good. Thank.I use AWS Amazon Web service. E2C Debian 9. Originally this the distribution has no java. I installed default Java.

openjdk version "1.8.0_265"
OpenJDK Runtime Environment (build 1.8.0_265-8u265-b01-0+deb9u1-b01)
OpenJDK 64-Bit Server VM (build 25.265-b01, mixed mode)

Javac have the same version.
I check several services SMTP with
https://www.smtper.net/. Yandex is being tested on all three ports 25 , 465 , 587. Gmail does not pass the test.
But even Yandex does not work for me.
In the security settings of the virtual machine, I opened all TCP traffic on the all ports.
Else, I have notification from Amazon
[spoiler]

This is the second notice regarding TLS requirements on FIPS endpoints.

We are in the process of updating all AWS Federal Information Processing Standard (FIPS) endpoints across all AWS regions to Transport Layer Security (TLS) version 1.2 by March 31, 2021 . In order to avoid an interruption in service, we encourage you to act now, by ensuring that you connect to AWS FIPS endpoints at a TLS version of 1.2. If your client applications fail to support TLS 1.2 it will result in connection failures when TLS versions below 1.2 are no longer supported.

Between now and March 31, 2021 AWS will remove TLS 1.0 and TLS 1.1 support from each FIPS endpoint where no connections below TLS 1.2 are detected over a 30-day period. After March 31, 2021 we may deploy this change to all AWS FIPS endpoints, even if there continue to be customer connections detected at TLS versions below 1.2.

We will provide additional updates and reminders on the AWS Security Blog, with a ‘TLS’ tag [1]. If you need further guidance or assistance, please contact AWS Support [2] or your Technical Account Manager (TAM). Additional information is below.

How can I identify clients that are connecting with TLS 1.0/1.1?
For customers using S3 [3], Cloudfront [4] or Application Load Balancer [5] you can use your access logs to view the TLS connection information for these services, and identify client connections that are not at TLS 1.2. If you are using the AWS Developer Tools on your clients, you can find information on how to properly configure your client’s TLS versions by visiting Tools to Build on AWS [7] or our associated AWS Security Blog has a link for each unique code language [7].

What is Transport Layer Security (TLS)?
Transport Layer Security (TLS Protocols) are cryptographic protocols designed to provide secure communication across a computer network [6].

What are AWS FIPS endpoints?
All AWS services offer Transport Layer Security (TLS) 1.2 encrypted endpoints that can be used for all API calls. Some AWS services also offer FIPS 140-2 endpoints [9] for customers that require use of FIPS validated cryptographic libraries.

[/spoiler]
Mail smtp use TLS 1.2.
I think, that the problem was caused by bad certificates. I use Automatic Let’s encrypt certificates generation.
I tried to enter incorrect login and password data into the output with the same error.

12:24:51.032 INFO - Using data dir '/home/admin/Blynk'
12:24:51.867 INFO - Region : local. Host : ***.
12:24:51.931 INFO - Using native epoll transport.
12:24:52.438 INFO - Initializing gmail smtp mail transport. Username : ***@yandex.ru. SMTP host : smtp.yandex.ru :465
12:24:52.479 INFO - Reports : 0
12:24:52.486 INFO - Didn't find Let's Encrypt certificates.
12:24:52.486 WARN - You didn't specified 'server.host' or 'contact.email' properties in server.properties file. Automatic certificate generation is turned off. Please specify above properties for automatic certificates retrieval.
12:24:52.486 INFO - Using native openSSL provider.
12:24:52.841 INFO - HTTP API and WebSockets server listening at 8080 port.
12:24:52.842 INFO - HTTPS API, WebSockets and Admin page server listening at 9443 port.
12:24:52.843 INFO - Mqtt hardware server listening at 8440 port.
12:24:57.555 INFO - ***@gmail.com Blynk-app (android-22712) joined.
12:24:59.013 ERROR- Error sending email auth token to user : ***@gmail.com. Error: Couldn't connect to host, port: smtp.yandex.ru , 465; timeout 60000
4

New day - new research!
:face_with_monocle:
I used java 11 today.

openjdk version "11.0.6" 2020-01-14
OpenJDK Runtime Environment (build 11.0.6+10-post-Debian-1bpo91)
OpenJDK 64-Bit Server VM (build 11.0.6+10-post-Debian-1bpo91, mixed mode, sharing)
admin@ip:~/Blynk$ javac -version
javac 11.0.6

Also I downloaded server-0.41.13.jar .
Server started sucessful.
But I got the same result. :thinking: :anguished:

5

Why aren’t you using smtp.gmail.com and port 587 ?

And, have you configured your gmail account to allow “less secure applications” ?

Pete.

6

Yes.

Yandex mail service satisfies the check site on all three ports.
I am getting the same error, when I use smtp.gmail.com port 587.

7

Maybe this is to blame GoDaddy?
They have a bad reputation.
Here’s what I found:

If you are running your code on Godaddy and trying to connect to some third-party SMTP provider like smtp.pepipost.com or smtp.sendgrid.com and getting some errors like this;
then nothing to really debug further, because it is because of a wried rule imposed by Godaddy on its user, where Godaddy has explicitly blocked the outgoing SMTP connection to ports 25, 587 and 465 to all external servers except for their own. Godaddy primarily wants their users to use their own SMTP instead of any third party SMTP, which is not at all an acceptable move for the developer community and many have has expressed their frustration in form of issues on StackOverflow too.

https://pepipost.com/tutorials/phpmailer-smtp-error-could-not-connect-to-smtp-host/

command

openssl s_client -connect smtp.gmail.com:587 -starttls smtp

return

CONNECTED(00000003)
depth=2 OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = US, O = Google Trust Services, CN = GTS CA 1O1
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google LLC, CN = smtp.gmail.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google LLC/CN=smtp.gmail.com
   i:/C=US/O=Google Trust Services/CN=GTS CA 1O1
 1 s:/C=US/O=Google Trust Services/CN=GTS CA 1O1
   i:/OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
---
Server certificate
-----BEGIN CERTIFICATE-----
//l this delete.
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google LLC/CN=smtp.gmail.com
issuer=/C=US/O=Google Trust Services/CN=GTS CA 1O1
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3083 bytes and written 294 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-ECDSA-CHACHA20-POLY1305
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-ECDSA-CHACHA20-POLY1305
    Session-ID: 9E8B34C9AE34E7E86C7AB2C46578E4D1D284386B8CC7CDF088461B7D652A88CE
    Session-ID-ctx:
    Master-Key: 
//l this delete.
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - 01 30 b1 83 02 dc 9c 47-57 44 54 d4 4f 8f a2 cc   .0.....GWDT.O...
    0010 - 96 bc 9c e1 b9 19 e2 47-95 ae c2 a0 01 4f 4b 9e   .......G.....OK.
    0020 - 05 5f 17 89 64 48 2b 37-9e 2d 46 ea 21 26 6d 25   ._..dH+7.-F.!&m%
    0030 - fe 9a 75 4d cd ba e1 73-a5 bf e6 dc c2 74 af 59   ..uM...s.....t.Y
    0040 - dd 88 45 42 7a 4e b5 3e-36 25 6f 7a 76 c0 1e 70   ..EBzN.>6%ozv..p
    0050 - 57 c3 7d 64 e1 48 c3 c2-eb 70 19 a4 3d 44 f7 0d   W.}d.H...p..=D..
    0060 - a8 2c 50 59 f4 e8 0c 9f-d3 55 ee 35 71 ea 85 87   .,PY.....U.5q...
    0070 - 23 cb 9c ee 95 c6 fb 1a-cc 2e e4 68 e3 d4 4e ac   #..........h..N.
    0080 - 44 09 8f 00 db 4a 41 89-e4 83 56 f3 bb fc e3 35   D....JA...V....5
    0090 - e9 f4 7e f6 c1 39 ca 19-cb f8 d0 5f 40 c0 1e 6a   ..~..9....._@..j
    00a0 - 7d 09 4b e5 e6 b9 eb 77-a2 b6 73 c2 df 52 03 1e   }.K....w..s..R..
    00b0 - f2 da b3 77 71 48 69 7b-da c1 a9 ae 32 60 65 94   ...wqHi{....2`e.
    00c0 - e7 03 29 56 1c 19 db e1-25 0a 10 66 6c 51 f5 84   ..)V....%..flQ..
    00d0 - 51 e5 b3 d6 40 97 52 b6-75 fe 1c cd c2 c6 e7 63   Q...@.R.u......c
    00e0 - 39 05                                             9.

    Start Time: 1598106345
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
250 SMTPUTF8
8

Another feature.
I completely replaced the content today mail.properties and now I get a slightly different error.

Error: Couldn't connect to host, port: smtp.gmail.com, 25; timeout 30000

Although I indicate the port 587.

9

Hooray! Happened. I copied the settings text from github and filled them in for yandex.

mail.smtp.auth = true
mail.smtp.starttls.enable = true
mail.smtp.host = smtp.yandex.ru
mail.smtp.port = 587
mail.smtp.username = email@yandex.ru
mail.smtp.password = pass
mail.smtp.connectiontimeout = 30000
mail.smtp.timeout = 120000