I have an issue with the mandrill API, I got this message :
Failed to connect to mandrillapp.com port 443: Connection timed out
It's works on my production server (ex mysite.com), but not on my dev server (ex mysite.com:8080).
The two servers have same config by the way.
Anyone knows why I got this issue ?
Thanks !
Make sure your hosting provider or internet provider (ISP) allows
outbound SMTP connections. Some shared hosting providers only allow
outbound SMTP connections on dedicated servers, while others block
them completely. In some cases, hosting providers might redirect the
connection, so instead of connecting to smtp.mandrillapp.com, you
connect to their local server instead.
Make sure the port you've selected is one that your hosting provider
or ISP has available for outbound SMTP connections. Some hosts block
all connections on port 25, for example, so you can try using a
different supported port.
Double check that you're using a valid API key to connect via SMTP,
and not the password that's used to log in to Mandrill's web
application.
If you're using Postfix, make sure that you have an SASL library
(like libsasl2 or cyrus) installed and that it's up to date.
Otherwise, you may be connecting but not passing authentication
credentials.
For other SMTP libraries, make sure you're using LOGIN or PLAIN
authentication methods.
Once you've confirmed all of the above, if you're still seeing issues,
please enable additional logging in your SMTP program or library. If
you're using an integration, contact the integration developer for
information on configuring logging of the SMTP conversation.
Where do I find my SMTP credentials?
After you create a Mandrill account, get your SMTP credentials on the
SMTP & API Info page in your account.
The SMTP password is any active API key for your account, not the
password used to log in to Mandrill. The credentials list port 587,
but any port supported by Mandrill will work, and there's no
configuration change needed within Mandrill to activate one of the
alternate ports.
Which SMTP ports can I use?
You can use port 25, 587, or 2525 if you're not encrypting the
communication between your system and Mandrill or if you want to use
the STARTTLS extension (also known as TLS encryption). SSL is
supported on port 465.
ISPs may redirect traffic on certain ports, so it's up to you which
port you use.
Related
According to this
Gmail SMTP Server could also be used to relay messages from your
device or application. You can connect to Gmail mail servers using
SMTP, SSL/TLS. If you connect using SMTP, you can only send mail to
Gmail or Google Apps users; if you connect using SSL/TLS, you can send
mail to anyone.
If your device or application supports SSL - connect to smtp.gmail.com
on port 465.
So I tried connecting to smtp.gmail.com on port 465. I got the following error:
Unable to send email using PHP SMTP. Your server might not be
configured to send mail using this method.
Some code uses another address "ssl://smtp.gmail.com".
When I use ssl://smtp.gmail.com also on port 465, my application now works correctly.
What's the difference between ssl://smtp.gmail.com and smtp.gmail.com if the latter also uses ssl?
Why can't we send emails to other domains without SSL? Is this only done by gmail for security purposes?
I am extremely new at this. Can anyone explain? I am using php if it matters.
The difference between the prefixing the hostname with ssl:// and without it is whether or not the underlying stream will be wrapped through OpenSSL, or speak in plain text.
When you connect to Gmail on port 465, it expects the client will use TLS encryption. Most likely, the error message you were seeing was a general result of connecting to a service expecting an encrypted connection when it was just trying to write and read data in plain text.
PHP does magic for you when you use the ssl:// wrapper to connect to a service that supports TLS or SSL. It allows you to read and write on the stream (using say fread/fwrite) in the same manner you would on an unencrypted connection and all the handshaking, encryption, and decryption is done in the background having to do no more than prefix the host with the ssl wrapper.
As to the second question, it is most likely security related. In order to relay (send mail to another domain) you need to authenticate over SMTP which should NEVER be done in cleartext while you can connect on port 25 using an unencrypted connection and send mail to a Gmail user without authenticating (this is what most outside mail servers do when one of their users which to send mail to Gmail). But technologically, there's nothing preventing them from allowing you to send mail using an unencrypted connection, or even authenticating with Gmail credentials (this is called an open relay and is usually badly abused by spammers).
You can learn more about your first question by just reading about the SMTP protocol, the STARTTLS command, and TLS encryption in general. STARTTLS allows a client to connect to the mail server over an unencrypted connection and then negotiate (upgrade) the connection to use encryption, where on the other hand, connections to port 465 expect a TLS handshake to occur as soon as the connection is established and before any protocol (SMTP) communication occurs.
I have setup an instance in google cloud platform. I am running laravel 5.2 project on that instance. Everything is working good but i am facing some issues while configuring 1and1 mail.
I know that google cloud platform is blocked the 587,465 and 25 port by default and we can setup some vpn which will help to remove this restriction. But i don't want to go in that way because it would have security problems.
I have tried to send email through smtp and mail driver. I am getting connection failure error through smtp driver, and through mail driver, it shows that email is sent but i am not getting the email in my inbox. Here is my .env file for mail driver settings for 1and1. I have also tried 25 port also.
MAIL_DRIVER=mail
MAIL_HOST=auth.smtp.1and1.co.uk
MAIL_PORT=587
MAIL_USERNAME=test#mydomain.com
MAIL_PASSWORD=pass
MAIL_ENCRYPTION=tls
Can you please help me to configure it?
As you alluded to, and documented, GCE doesn't allow outbound 25, 465 or 587. This is blocking your connection to 1and1.
If you can ask 1and1 to provide an alternate SMTP port (e.g. 2525 etc) then you can use that without issue.
Google also has partners that will allow you to send up to tens of thousands of emails monthly, for free. Pick one and follow the instructions here.
i am using Ubuntu based ec2 instance, recently i have shifted my code on aws and it seemed email functionality is not working. I am using gmail SMTP service
below is my code
'Smtpmail'=>array(
'class'=>'application.extensions.smtpmail.PHPMailer',
'Host'=>"smtp.gmail.com",
'Username'=>'username',
'Password'=>'password',
'From'=>'from addr',
'setForm'=>'from name',
'Mailer'=>'smtp',
'SMTPSecure'=>'tls',
'Port'=>25,
'SMTPAuth'=>true,
),
this code is working on my unix based server but on aws it is giving below error
Mailer Error: The following From address failed: test#email.com : MAIL not accepted from server,530,5.5.1 Authentication Required. Learn more at 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 y6sm27370508qen.21 - gsmtp
Please help
MAIL not accepted from server
Because of the spam abuse that has historically been sent from people using EC2 instances, virtually ALL popular mail providers block the receipt of email from EC2 instances. The world of email and anti-spam measures is part-technical, part-political. For this reason, AWS offers Amazon Simple Email Service.
AWS works with mail providers to ensure that the nodes used by SES have been whitelisted because we do proper authorization/verification up-front.
In this case, the ability to send email from one server but not AWS is, in all likelihood, due to EC2's IP range being blacklisted by Google.
Authentication Required
If the same user/pass works elsewhere without changes, I'm not sure what to say. I know that lots and lots of mail traffic no longer uses port 25, opting instead for 587 for non-SSL and 465 for SSL. That's the first place I'd start poking to find a solution.
Using a TLS connection (port number: 587) on AWS Lambda.
How I solved the problem:
In your GMAIL account, turn on 2-factor authentication. This can be found under security settings when you go to general settings for your account.
Create a new App Password. (The field is right below the 2-factor). You can call it whatever you want. Just make sure to copy it.
Use that for your previous password.
I did that and I can send emails from AWS Lambda with no problem.
Note: You can't have "Less Secure Apps" turned on for this option. This will require you to use the App password for every application you use this email for. I had to make a few different passwords for the different apps that I use a random Gmail account for.
I got the idea from SMTP Authentication Error 534.
This has nothing to do with your ec2 instance (unless the relevant outbound ports are closed) but with the fact that Gmail really doesn't like a connection it can't identify. As stated in the thread, make sure you go to https://www.google.com/settings/security/lesssecureapps.
Then, once your instance tries to connect to the SMTP server (by sending an email in your web app I suppose), connect to your mail client with the gmail account credentials used for the SMTP connection (Gmail, thunderbird, whatever you normally use). You will have then received an email from google stating that there was some suspicious activity and that they blocked the connection, just tell them that the ec2 instance IP was indeed you and you will be all set.
I was using a Gsuite account. For me, it worked with the following steps
Make sure you have 2 step verification enabled
Generate App password from myaccount.google.com -> security (from left panel) -> 2-step verification (under "signing in to google" section)
Once 2 step verification is enabled then generate the app password.
Use that app password in your config/mail.php on .env along with the following settings
MAIL_DRIVER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=
MAIL_PASSWORD=
MAIL_ENCRYPTION=tls
Open the terminal/ command prompt and connect to the EC2 server and run the following commands to clear config and cache
php artisan config:cache
php artisan cache:clear
If that still does not work then click on the following link (Make sure you are logged in with the account which you want to use to send email via Gsuite)
https://accounts.google.com/DisplayUnlockCaptcha
This only need to verify gmail account when u login from another ip address it will ask for verification that you are the same person same thing happen here it is not verified from amazon web server IP so it require to authenticate your IP.
Do only one thing will solve the issue. Login remotely on aws server and login your gmail account from here it will ask for verification give it and your mail will work easily.
If you use port 25 for SMTP you need to open SMTP port on EC2 instance security group inbound rules.
Note: Gmail does not offer port 25 in an unsecured connection. For use port 25 secure connection are required as per gmail Configuration requirements
Read this question & answer
How do I use Gmail SMTP with port 587 on AWS EC2?
Go to https://www.google.com/settings/security/lesssecureapps and set Access for less secure apps to On
This gmail security option if on Off detects if there is inhabitual connexion pattern and block the connexion unless you verify your identity, but you need a web interface to do so.
Log into your AWS account, add rule under security group of your instance and allow the SMTP, it will work, check the port number is important.
Reading up on GAE as a possible alternative to dedicated hosting (or VPS)...
Seems I would need to re-write a bit of code, if I had modules which relied on SMTP. Does this mean that even if I connected to a remote SMTP server that code would need to change to an HTTP API (assuming one is even provided by an third party SMTP provider such as smtp.com).
Yes - AppEngine/PHP does not yet support sockets and thus you can not connect to external SMTP servers. Also, even with sockets you would not be able to use SMPT on port 25, but authenticated SMTP on port 587 - see socket limitations.
OTOH, you can send email from AppEngine via the Mail API.
If you still want to send email via an external mail provider, you need to choose one that supports HTTP API, for example Amazon SES.
I'm building an internal web-application in PHP that needs the ability to mail.
I've used the code listed here:
Send email using the GMail SMTP server from a PHP page
and it works like a charm, when I run it from my house. However, when I run the code from the office, I get the following:
Failed to connect to ssl://smtp.gmail.com:465 [SMTP: Failed to connect socket: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. (code: -1, response: )]
Any idea how to get around this?
Thanks,
-JWW
I agree with the responder above - this is most likely a firewall blocking outbound connections on port 465. You can either try TLS connection on port 587 or port 25 per Gmail's troubleshooting docs : http://support.google.com/mail/bin/answer.py?hl=en&answer=78775
If you are unable to get around this (if IT will not remove the blocks for example), you could try a third party API as a proxy. Our product http://PostageApp.com can use external mailservers such as Gmail, in addition to our own MTA, and communication is all through standard http REST calls, avoiding the firewall issue.
We're a paid service but have a free plan as well...if you would be sending more email than our free plan allows for (100/day), then you'll probably fall foul of Gmail's sending limits anyway which restrict third party clients to about 100/day outbound.
http://help.postageapp.com/kb/quick-start-guides/php
Disclaimer: I work for PostageApp
It's most probably a firewall at your workplace blocking outgoing connections to port 465. Did you try port 587 instead?