Advertisement:

Author Topic: SMTP tls with IP auth  (Read 305 times)

Offline dalslandan

  • Semi-Newbie
  • *
  • Posts: 14
SMTP tls with IP auth
« on: November 07, 2019, 12:06:25 PM »
Afternoon.

Have been trying to setup SMTP with tls, using the g-suite e-mail services with the IP-auth (meaning I don't send a password, only username 'mymail@mydomain.com').

But I cannot get TLS to work, tried manually fixing it with this old thread from 2007. But I don't know if I should send an empty password, or anything else instead.
https://simplemachines.org/community/index.php?topic=180532.msg1148462#msg1148462
Code: [Select]
//STARTTLS
server_parse('STARTTLS', $socket, null);
stream_socket_enable_crypto($socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
server_parse('EHLO ' . $modSettings['smtp_host'], $socket, null);

// Without any modification to the SMF mail system, this is the only error I get.
Code: [Select]
Ran into problems sending Mail. Error: 530 5.7.0 Must issue a STARTTLS command first. j63sm3325253wmj.46 - gsmtp
SMTP settings are:
Type: SMTP
Server: smtp.gmail.com
Port: 587
Username: mymail@mydomain.com
And no password.

* Using SMF 2.0.15



Offline dalslandan

  • Semi-Newbie
  • *
  • Posts: 14
Re: SMTP tls with IP auth
« Reply #1 on: November 07, 2019, 12:26:31 PM »
When modifying the Subs-Post.php to my best efforts, and using the 2007 code I end up with this error:
Quote
Ran into problems sending Mail. Error: 535 5.7.8 https://support.google.com/mail/?p=BadCredentials [nofollow] l22sm3485513wrb.45 - gsmtp

Changes to the code is exactly like the 2007 thread suggests, the only difference is that I comment out the smtp_password check in the if-clause.
Quote
if ($modSettings['mail_type'] == 1 && $modSettings['smtp_username'] != '' /*&& $modSettings['smtp_password'] != ''*/)

Where to go from here, if correct. I'm not sure.

Offline vbgamer45

  • Customizer
  • SMF Super Hero
  • *
  • Posts: 21,627
    • smfhacks on Facebook
    • VBGAMER45 on GitHub
    • @createaforum on Twitter
    • SMF For Free
Re: SMTP tls with IP auth
« Reply #2 on: November 07, 2019, 12:47:06 PM »
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Offline dalslandan

  • Semi-Newbie
  • *
  • Posts: 14
Re: SMTP tls with IP auth
« Reply #3 on: November 07, 2019, 03:45:10 PM »
Thanks. Implemented that code, but no difference.
It is strange that in the HELLO communication in SMTP com. layer, in that mod it can be my hostname, server name or if unavailable it can also be the smtp_host*.
* Checked the source for the SMF 2.1, and they use only your own hostname or try constructing a similar one if not available.

Anyhow talked to the G-suite support, and they helped me make some changes to my account.
24 hours waiting period before full effect is guaranteed, I will update if it worked and what it was.

Offline vbgamer45

  • Customizer
  • SMF Super Hero
  • *
  • Posts: 21,627
    • smfhacks on Facebook
    • VBGAMER45 on GitHub
    • @createaforum on Twitter
    • SMF For Free
Re: SMTP tls with IP auth
« Reply #4 on: November 07, 2019, 05:25:34 PM »
Also make sure you have less secure apps enabled on your google/gmail account.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Offline dalslandan

  • Semi-Newbie
  • *
  • Posts: 14
Re: SMTP tls with IP auth
« Reply #5 on: November 08, 2019, 01:56:11 PM »
Everything is fixed and works fine.
G-suite appears to have either upped their game in security, or I have missed something.

Anyhow, I got it working using an app specific password after enabling 2 step verification in G-suite.
The IP only authentication I failed to get working (#BadCredentials).

It works fine using Google services both with SMTP-server, and with the SMTP-relay.
I used TLS via port 587, since that was the point. Sending encrypted e-mails.

The code I ended up using is: https://gist.github.com/dalslandan200/640053a94e0dd46773f5cb751620969a [nofollow]

If you only allow admins to send e-mails, and want e-mails to only have your domain as the sender. You can do this configuration as well.
Find function sendmail() in Subs-Post.php, and below the global variables add the following:
Code: [Select]
// Overwriting with NULL causes mail_from to default to webmaster email.
$modSettings['mail_from'] = null;
// Overwriting Header from with our own author
$from = 'John Doe'; // Change to e.g. your company name or website name

More information about different headers (envelope from and header from): https://www.xeams.com/difference-envelope-header.htm [nofollow]
Information about the specific configuration with the header from: https://tools.ietf.org/html/rfc2822#page-41 [nofollow]

SMF email configuration in the admin area is the same as in the first post, nothing special except for the password.
Type: SMTP
Server: smtp.gmail.com OR smtp-relay.gmail.com
Port: 587
Username: mymail@mydomain.com
Password: Your password.

Don't forget to open the 587/tcp port if behind firewall, and this modification was for SMF 2.0.15*
« Last Edit: November 08, 2019, 02:13:11 PM by dalslandan »