Send mail from within Vocbench
108 views
Skip to first unread message
Maarten Becker
May 10, 2021, 6:19:49 AM5/10/21
to vocbench-user
Hi,
I managed to run Vocbench as docker container proxied by nginx (as described here: https://groups.google.com/g/vocbench-user/c/OzOrm1BeJe4/m/O3zeH33DAgAJ).
I try to make mail sending work, but I end up with error messages:
javax.mail.MessagingException: Could not connect to SMTP host:
smtp.strato.de, port: 465;
nested exception is:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol
is disabled or cipher suites are inappropriate)
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1934)
at
com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:638)
at javax.mail.Service.connect(Service.java:317)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
at javax.mail.Transport.send(Transport.java:124)
at
it.uniroma2.art.semanticturkey.email.EmailSender.sendMail(EmailSender.java:62)
at
it.uniroma2.art.semanticturkey.email.EmailService.sendMailServiceConfigurationTest(EmailService.java:37)
at
it.uniroma2.art.semanticturkey.services.core.Administration.testEmailConfig(Administration.java:186)
at
it.uniroma2.art.semanticturkey.services.core.Administration$$FastClassBySpringCGLIB$$ac987012.invoke(<generated>)
at
org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:701)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at
org.springframework.validation.beanvalidation.MethodValidationInterceptor.invoke(MethodValidationInterceptor.java:93)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:64)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:51)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at
org.springframework.aop.aspectj.AspectJAfterAdvice.invoke(AspectJAfterAdvice.java:42)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
at
org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:633)
at
it.uniroma2.art.semanticturkey.services.core.Administration$$EnhancerBySpringCGLIB$$2d660d8b.testEmailConfig(<generated>)
at
it.uniroma2.art.semanticturkey.services.core.controllers.AdministrationController.testEmailConfigPublished(AdministrationController.java:263)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
at
org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136)
at
org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104)
at
org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandleMethod(RequestMappingHandlerAdapter.java:743)
at
org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:672)
at
org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:82)
at
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:933)
at
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:867)
at
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:951)
at
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:842)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:827)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:865)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1655)
at
org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:215)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:146)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:91)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
it.uniroma2.art.semanticturkey.security.CORSFilter.doFilter(CORSFilter.java:40)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
at
it.uniroma2.art.semanticturkey.http.session.CrossContextSessionFilter.doFilter(CrossContextSessionFilter.java:25)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1634)
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71)
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at
org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
at
org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1317)
at
org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:293)
at
org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
at
org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1219)
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80)
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at org.eclipse.jetty.server.Server.handle(Server.java:531)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
at
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
at
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
at
org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
at
org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
at
org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
at
org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
at
org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:762)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:680)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol
(protocol is disabled or cipher suites are inappropriate)
at
sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:171)
at
sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
at
sun.security.ssl.TransportContext.kickstart(TransportContext.java:220)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:428)
at
com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:507)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:238)
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1900)
... 114 more
I tried several mailboxes that I know to work properly...
Help would be appreciated.
Thanks,
Maarten
Tiziano Lorenzetti
May 10, 2021, 6:58:09 AM5/10/21
to Maarten Becker, vocbench-user
Deat Maarten,
this could be an issue related to the configuration. Which
cryptographic protocol have you chosen?
From the stacktrace you posted I can see you're using SMTP Strato email server on port 465 and from here I see that it uses SSL/TLS protocol. Did you selected "SSL" in the Email Configuration panel?
Best regards,
Tiziano
--
You received this message because you are subscribed to the Google Groups "vocbench-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vocbench-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vocbench-user/c93c3d8b-6667-4c2f-b8e2-4ded32559ac7n%40googlegroups.com.
Maarten Becker
May 10, 2021, 7:13:00 AM5/10/21
to vocbench-user
Yes, it's SSL.
I somewhere saw that "mail.smtp.ssl.trust=*" may be helpful, but it wasn't...
The config file (SemanticTurkeyData/system/plugins/it.uniroma2.art.semanticturkey/settings.props) looks like:
mail.smtp.ssl.enable=true
mail.from.address=vocbench-admin@******.de
mail.admin.address=vocbench-admin@*******.de
mail.smtp.host=smtp.strato.de
stDataVersion=9.1.0
mail.smtp.starttls.enable=false
mail.smtp.port=465
mail.smtp.auth=true
mail.smtp.ssl.trust=*
mail.from.alias=Admin
mail.from.password=***********************
alignment.remote.port=7575
mail.from.address=vocbench-admin@******.de
mail.admin.address=vocbench-admin@*******.de
mail.smtp.host=smtp.strato.de
stDataVersion=9.1.0
mail.smtp.starttls.enable=false
mail.smtp.port=465
mail.smtp.auth=true
mail.smtp.ssl.trust=*
mail.from.alias=Admin
mail.from.password=***********************
alignment.remote.port=7575
Best regards,
Maarten
Tiziano Lorenzetti
May 10, 2021, 8:35:16 AM5/10/21
to Maarten Becker, vocbench-user
Unfortunately that mail.smtp.ssl.trust is not foreseen by the configuration, so it will be ignored by the email service of SemanticTurkey. The only configuration parameters available for the email service are those editable from the VocBench Email Configuration panel.
I just tried the service over different SMTP mail servers that use the SSL protocol (like gmail or libero) and I had no issue.
In the first email you wrote that you tried with several mailboxes. Do they all use Strato SMTP email server?
I just tried the service over different SMTP mail servers that use the SSL protocol (like gmail or libero) and I had no issue.
In the first email you wrote that you tried with several mailboxes. Do they all use Strato SMTP email server?
I would try to reproduce and debug the error by myself but I see that strato.de doesn't foreseen free mail account
To view this discussion on the web visit https://groups.google.com/d/msgid/vocbench-user/d2ae8f6a-f53b-488d-a6b2-25f0a0a6790dn%40googlegroups.com.
Maarten Becker
May 10, 2021, 8:55:33 AM5/10/21
to vocbench-user
Just tested with gmail:
javax.mail.MessagingException: Could not connect to SMTP host: smtp.gmail.com, port: 465;
nested exception is:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at
I also tested with mailbox.org.
Maybe it is a problem of my installation.
At the moment I don't have an idea where to look. Can I get better debug data?
M
Tiziano Lorenzetti
May 10, 2021, 11:07:44 AM5/10/21
to Maarten Becker, vocbench-user
Dear Maarten,
any change you could test if the same error occures with an installation of VocBench without docker or proxy in the middle?
At this point, I suspect that your installation setup could in some way affects the email service, so if you could test VB with a plain setup it would eventually confirm my suspects.
Thanks.
Tiziano
To view this discussion on the web visit https://groups.google.com/d/msgid/vocbench-user/7b3bb5c0-f734-4615-9fac-14f8885f819dn%40googlegroups.com.
Tiziano Lorenzetti
Jun 16, 2021, 9:34:52 AM6/16/21
to Maarten Becker, vocbench-user
Dear Maarten,
I have news about this issue. It seems that it depends from some Java security settings that block the usage of a protocol used by the javax mail API.
We have just pushed a fix that will be available in the next release.
In the meantime you should be able to solve the issue by editing the file $JAVA_HOME/jre/lib/security/java.security and removing the values TLSv1, TLSv1.1 from the property jdk.tls.disabledAlgorithms.
In the meantime you should be able to solve the issue by editing the file $JAVA_HOME/jre/lib/security/java.security and removing the values TLSv1, TLSv1.1 from the property jdk.tls.disabledAlgorithms.
Best regards,
Tiziano
Maarten Becker
Jun 17, 2021, 5:06:56 AM6/17/21
to vocbench-user
Thanks for letting me know... I tried your suggestion. However, my mail provider requires TLS to be at least 1.2, so that does not work for me... When is the next release scheduled?
Tiziano Lorenzetti
Jun 17, 2021, 5:30:15 AM6/17/21
to Maarten Becker, vocbench-user
Hi Maarten,
it is scheduled by the end of july
To view this discussion on the web visit https://groups.google.com/d/msgid/vocbench-user/f731cf55-075d-4acc-b744-fa1fbdbed660n%40googlegroups.com.
Eugene Morozov
Jun 17, 2021, 5:45:33 AM6/17/21
to Tiziano Lorenzetti, Maarten Becker, vocbench-user
Hi Maarten,
You can try a solution that worked for me in a slightly different context unless you have other constraints (my provider did not rely on using "from" address as a username, which VocBench assumes, but rather used a separate username and API token).
1. Host a separate SMTP relay. It is pretty lightweight and does not take much memory or CPU - here's a snippet of what my Docker compose file looked like assuming you can use TLS with your provider as per your last messages (obviously you need to take care it is not reachable by hosts other than your VocBench host, etc.):
smtp:
image: namshi/smtp:latest
ports:
- "25:25"
environment:
- SMARTHOST_ADDRESS=smtp.sendgrid.net
- SMARTHOST_PORT=587
- SMARTHOST_USER=apikey
- SMARTHOST_PASSWORD=XXXXX
- SMARTHOST_ALIASES=*.sendgrid.net
2. Configure VocBench with plain unencrypted SMTP on port 25 (in this case inside Docker compose or in Kubernetes with config as per #1):
Mail SMTP host: smtp
Mail SMTP port: 25
Cryptographic protocol: None
Hope this helps.
Eugene.
You can try a solution that worked for me in a slightly different context unless you have other constraints (my provider did not rely on using "from" address as a username, which VocBench assumes, but rather used a separate username and API token).
1. Host a separate SMTP relay. It is pretty lightweight and does not take much memory or CPU - here's a snippet of what my Docker compose file looked like assuming you can use TLS with your provider as per your last messages (obviously you need to take care it is not reachable by hosts other than your VocBench host, etc.):
smtp:
image: namshi/smtp:latest
ports:
- "25:25"
environment:
- SMARTHOST_ADDRESS=smtp.sendgrid.net
- SMARTHOST_PORT=587
- SMARTHOST_USER=apikey
- SMARTHOST_PASSWORD=XXXXX
- SMARTHOST_ALIASES=*.sendgrid.net
2. Configure VocBench with plain unencrypted SMTP on port 25 (in this case inside Docker compose or in Kubernetes with config as per #1):
Mail SMTP host: smtp
Mail SMTP port: 25
Cryptographic protocol: None
Hope this helps.
Eugene.
To view this discussion on the web visit https://groups.google.com/d/msgid/vocbench-user/CAOA09s2HjxSm9XPKv1HZMH%3DNzajb%2BFJeMGgihGzTw0P_kf8BPg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages