SMTP on 2.10
54 views
Skip to first unread message
Conan Malone
Feb 16, 2016, 9:36:20 AM2/16/16
to privacyidea
Hi,
I've been trying to configure the new feature on 2.10 that allows you to add SMTP servers, I have used the same credentials as I used before in the old setup for emails but am now getting an 535 authentication error. I have also noticed that when the configuration is saved and clicked back on, the password disappears - is this normal or could it be this that is causing the connection to fail?
Thanks,
Conan
Cornelius Kölbel
Feb 16, 2016, 9:54:34 AM2/16/16
to priva...@googlegroups.com
Hello Conan,
the password is saved in the database table "smtpserver".
Can you please check, if it is save in your table?
There is a minor flaw in the UI, which only allows you to enter
email-addresses as usernames.
Is your username an email address, that contains "@" or is it a normal
name?
Kind regards
Cornelius
> --
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
> https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> Visit this group at https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/d6f4e19a-f40f-4ccc-8e37-e2b01042015d%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
the password is saved in the database table "smtpserver".
Can you please check, if it is save in your table?
There is a minor flaw in the UI, which only allows you to enter
email-addresses as usernames.
Is your username an email address, that contains "@" or is it a normal
name?
Kind regards
Cornelius
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
> https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> Visit this group at https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/d6f4e19a-f40f-4ccc-8e37-e2b01042015d%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Conan Malone
Feb 17, 2016, 7:41:10 AM2/17/16
to privacyidea
Hi Cornelius,
I have checked the smtpserver table and the password is in there along with ip address, port, username etc.
(1,'MY-SMTP','IP ADDRESS',PORT,'us...@domain.com','Encyrpted Password','us...@domain.com',0,'Description')
The username is an email address so I have no problem with that as that saves when I save the configuration, just the password that disappears..
I've checked the log on my SMTP server and this is what comes through when I send a test email from the UI.
"SMTPD" 2120 12733 "2016-02-17 11:28:09.200" "192.168.XX.X" "SENT: 220 OurDomain.com"
"SMTPD" 3712 12733 "2016-02-17 11:28:09.200" "192.168.XX.X" "RECEIVED: ehlo [127.0.0.1]"
"SMTPD" 3712 12733 "2016-02-17 11:28:09.200" "192.168.XX.X" "SENT: 250-OurDomain.com[nl]250-SIZE 20480000[nl]250-STARTTLS[nl]250-AUTH LOGIN PLAIN[nl]250 HELP"
"SMTPD" 3180 12733 "2016-02-17 11:28:09.216" "192.168.XX.X" "RECEIVED: AUTH PLAIN AHVzZXJAZG9tYWluLmNvbQBGQUlMRUQgVE8gREVDUllQVCBQQVNTV09SRCE="
"SMTPD" 3180 12733 "2016-02-17 11:28:09.216" "192.168.XX.X" "SENT: 535 Authentication failed. Restarting authentication process."
The decoded version of the AUTH PLAIN part seems to give back this result..
AUTH PLAIN AHVzZXJAZG9tYWluLmNvbQBGQUlMRUQgVE8gREVDUllQVCBQQVNTV09SRCE=" = us...@domain.com FAILED TO DECRYPT PASSWORD!
Any ideas on what might be the problem?
Thanks,
Conan
Cornelius Kölbel
Feb 17, 2016, 9:01:38 AM2/17/16
to priva...@googlegroups.com
FAILED TO DECRYPT PASSWORD is a message by privacyIDEA which occurs
during the decryption of encrpyted values (like the SMTP password)
https://github.com/privacyidea/privacyidea/blob/49f9f11600ee02b6e78bbf77209345f9ff497b8f/privacyidea/lib/crypto.py#L320
This happens if for whichever reason the password can not be decrypted
(as the error message suggests ;-)
This can be:
1. you changed the encryption key
2. you chose a password that gets not correctly encrypted
and then decrypted like
* strange characters in the password that confuse the API
(You can monitor the transmisstion/API when saving the password
enabling the Developer mode in the broswer)
* To long password that is encrypted that long that is does not fit
into the database table (don't think so)
I suggest using Ctrl-I in your browser to watch the network traffic
during saving the SMTP settings.
Kind regards
Cornelius
> https://groups.google.com/d/msgid/privacyidea/f2e21365-47e0-48fe-b719-0349d450d414%40googlegroups.com.
during the decryption of encrpyted values (like the SMTP password)
https://github.com/privacyidea/privacyidea/blob/49f9f11600ee02b6e78bbf77209345f9ff497b8f/privacyidea/lib/crypto.py#L320
This happens if for whichever reason the password can not be decrypted
(as the error message suggests ;-)
This can be:
1. you changed the encryption key
2. you chose a password that gets not correctly encrypted
and then decrypted like
* strange characters in the password that confuse the API
(You can monitor the transmisstion/API when saving the password
enabling the Developer mode in the broswer)
* To long password that is encrypted that long that is does not fit
into the database table (don't think so)
I suggest using Ctrl-I in your browser to watch the network traffic
during saving the SMTP settings.
Kind regards
Cornelius
Reply all
Reply to author
Forward
0 new messages