This question already has answers here:
Sending email in .NET through Gmail
(26 answers)
Closed 2 years ago.
I'm working on building a contact form for my new Web site and want to send mail through Google's SMTP relay server (smtp-relay.gmail.com) because I want to set up a "dummy", "no-reply" address from which to send the mail. Also, I tried sending it through the regular SMTP server (smtp.gmail.com) using my own actual Gmail credentials for that account and it got blocked as an insecure app. I'd rather not turn on the "Less secure app access" option (it's not really an option for me anyway because I use 2FA on this account), so this seems like the best way to get there - if I can get it working.
The domain's mail is hosted in G Suite and I've configured the SMTP relay service in the Google Admin Console for my domain as per the instructions in the support article, SMTP relay: Route outgoing non-Gmail messages through Google. I have the relay configured using both the public static IP address of my Web site, as well as the static IP address of the firewall behind which the Web server lies. I configured the relay to accept mail from my domain(s) to allow for the "dummy" address that doesn't actually have a mailbox, and set it to require SMTP Authentication and TLS encryption:
I've set up DNS records for MX, SPF, and DKIM with my domain registrar.
I've waited over 24-hours for the changes to take effect (as per the notification when making the changes in the Google Admin Console)
I've even set up an app password for my Web site to use for my domain e-mail address:
I'm using an ASP.NET (VB) Web site on IIS. My code for sending looks like this:
Dim NewContact As New System.Net.Mail.MailMessage()
With NewContactMessage
.From = New System.Net.Mail.MailAddress("no-reply#mydomain.com")
.To.Add("myaddress#mydomain.com")
.Subject= "TEST MESSAGE"
.IsBodyHtml= True
.BodyEncoding = System.Text.Encoding.UTF8
.Body = "This is a test."
.Priority = System.Net.Mail.MailPriority.Normal
End With
Dim Server As New System.Net.Mail.SmtpClient()
With Server
.Port= 587
.Host= "smtp-relay.gmail.com"
.EnableSsl= True
.Send(NewContactMessage)
End With
However, when I try to submit my contact form, I get an error, Mailbox unavailable. The server response was: 5.7.1 Invalid credentials for relay [X.X.X.X]. The IP address you've:
It looks like there should definitely be more to that actual error message, but it's apparently being truncated somewhere along the way.
I've tried feeding the credentials in the SmtpClient block:
With Server
.Credentials = New System.Net.NetworkCredential("myaddress#mydomain.com", "my_app_password")
.Port= 587
.Host= "smtp-relay.gmail.com"
.EnableSsl= True
.Send(NewContactMessage)
End With
In this case, I get a different error: The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 Authentication Required. Learn more at. (If I use the credentials with the "default" Gmail SMTP server (smtp.gmail.com), I get the same error.)
According to the Audit Logs, it appears that all of my configuration setting changes have completed. Everything appears to be correct for this to work, but what am I missing?
Just before posting this question, I found this Q&A - Send mail via google app with smtp relay - with the simple fix to my issue: Turn off the Require SMTP Authentication option in the SMTP relay service configuration settings.
Once I disabled that setting and tried again, everything is flowing normally. I suppose I should have figured that out on my own, but according to Google's support article for setting up the SMTP relay (emphasis mine in the first sentence):
In the Authentication section, check one or both boxes to set an authentication method:
Only accept mail from the specified IP addresses — The system only accepts mail sent from these IP addresses as coming from your domains.
Require SMTP Authentication — Enforces the use of SMTP authentication to identify the sending domain. Using this option requires your clients to connect via TLS.
The wording here seems a bit misleading and appears to indicate that you can have both of these options enabled without one "interfering" with the other. As I said, I probably should have figured this out on my own - especially since I'm trying to send from a "dummy" e-mail account - but I guess it just didn't occur to me.
I considered deleting this question, but I had done a fair amount of searching before writing this question up and somehow never ran across that particular post. I'm not sure how I could have missed it, but I'm leaving my question here in hopes that someone else has an easier time of finding this solution in the future.
Related
I am having issues with mail bouncing when sending from my own server to my own active yahoo account using JavaMail. The mails are passing SPF, DKIM and DMARC according to google mail that receives the same messages being bounced by yahoo. I can send messages from other accounts to my yahoo account without issue.
The messages send fine from my server to ZMail, GMail, Microsoft mail. Looking at the emails, the only thing that I have noticed is the message header for the Message-Id. My messages have the following header:
Message-ID: <923936395.17.1634776639078#[internally visible hostname]>
I am wondering if this header could be the problem and whether there is a way in JavaMail or in the Apache James to set the hostname or IP address that gets used in this message so that rather than using the "internally visible hostname", I can get the hostname that is externally visible. I have been searching the available documentation for Apache James and JavaMail but have not found any parameters to try in order to resolve this.
According to the Decompiled SRC of sun mail it should be possible by setting some properties for your session.
props.setProperty("mail.from", user);
props.setProperty("mail.host", host);
//props.setProperty("mail.user", user);
The Id will be updated by the save method (saveChanges()) and will trigger an new ID generation (updateHeaders() -> updateMessageID()). (Looked up in the decompiled MimeMessage.class)
Leading to the HostPart called in javax.mail.internet.InternetAddress.
The relevant method is _getLocalAddress.
Here you can see that the values get extracted from the Properties or will fallback to your local machine.
Used Fields:
user.name
mail.from
mail.user
mail.host
The user.name property can also be looked up from the system props.
Currently we have a web form that send's emails which has stopped working months back with the migration of Office 365 at our company. I have eliminated all other code while troubleshooting and just run email portion to get the following error : "System.Net.Mail.SmtpException: The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM ".
I have found many solutions on the web/stack overflow with the same error code, tried changing the code to proposed solutions and have had no luck.
Tried many different email aliases that are listed in our global address list with no luck for my account, different ports(25,587), different smtp addresses, and have had no luck so far.
Multiple users are stating "This code unfortunately is no longer valid with Office 365. Error message that comes up is The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM [HE1PR05CA0133.eurprd05.prod.outlook.com] " on the article linked below.
Send SMTP email using System.Net.Mail via Exchange Online (Office 365)
My code seen below.
Dim mail As MailMessage = New MailMessage
mail.From = New MailAddress("email12345#company.com")
mail.To.Add("email12345#company.com")
mail.Subject = "Test"
mail.IsBodyHtml = False
mail.Body = "Test"
Dim SmtpServer As SmtpClient = New SmtpClient
SmtpServer.Host = "smtp.office365.com"
SmtpServer.Port = 587
SmtpServer.UseDefaultCredentials = False
SmtpServer.Credentials = New System.Net.NetworkCredential("MyEmail", "MyPass")
SmtpServer.DeliveryMethod = SmtpDeliveryMethod.Network
SmtpServer.EnableSsl = True
SmtpServer.TargetName = "STARTTLS/smtp.office365.com"
Try
SmtpServer.Send(mail)
Catch ex As Exception
Response.Write(ex.ToString)
End Try
As it seems this is happening to many people, I would like to know what they are doing to resolve it?
I resolved this issue by creating app password for my outlook365 account. You can create/manage app password as following.
Go to My Account >> Security & Privacy >> Additional Security Verification >> Create and manage app passwords
Create an app password and use it in your code. Hope this will solve your issue
To enable app-password you must have two factor authentication on the account and the administrator (if your account is in an organization) must allow app-passwords on the account (or in the organization)
I'm not a 365 admin and don't know all the settings.
However, we had a similar problem where the sender account did not have the setting "Modern Authentication" enabled for SMTP AUTH.
note that this worked for a long time and suddenly stopped (not sure if Microsoft did some security tightening in late February 2021)
Modern Authentication was enabled for Outlook etc (clients?),
but not for "SMTP AUTH", "IMAP", and "POP"
(I assume this is the "defaults" and recommendation is not to enable Modern Authentication unless you need it.
see the two articles below.
https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/authenticated-client-smtp-submission
Virtually all modern email clients that connect to Exchange Online mailboxes in Office 365 or Microsoft 365 (for example, Outlook, Outlook on the web, iOS Mail, Outlook for iOS and Android, etc.) don't use SMTP AUTH to send email messages.
Therefore, we highly recommend that you disable SMTP AUTH in your Exchange Online organization, and enable it only for the accounts (that is, mailboxes) that still require it. There are two settings that can help you do this:
An organization-wide setting to disable (or enable) SMTP AUTH.
A per-mailbox setting that overrides the tenant-wide setting.
Also good to know about. Will list number of "smtp auth clients".
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/mfi-smtp-auth-clients-report?view=o365-worldwide
I need to make calls to a rest API service via BizTalk Send adapter. The API simply uses a token in the header for authentication/authorization. I have tested this in a C# console app using httpclient and it works fine:
string apiUrl = "https://api.site.com/endpoint/<method>?";
string dateFormat = "dateFormat = 2017-05-01T00:00:00";
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("token", "<token>");
client.DefaultRequestHeaders.Add("Accept", "application/json");
string finalurl = apiUrl + dateFormat;
HttpResponseMessage resp = await client.GetAsync(finalurl);
if (resp.IsSuccessStatusCode)
{
string result = await resp.Content.ReadAsStringAsync();
var rootresult = JsonConvert.DeserializeObject<jobList>(result);
return rootresult;
}
else
{
return null;
}
}
however I want to use BizTalk to make the call and handle the response.
I have tried using the wcf-http adapter, selecting 'Transport' for security (it is an https site so security is required(?)) with no credential type specified and placed the header with the token in the 'messages' tab of the adapter configuration. This fails though with the exception: System.IO.IOException: Authentication failed because the remote party has closed the transport stream.
I have tried googling for this specific scenario and cannot find a solution. I did find this article with suggestions for OAUth handling but I'm surprised that even with BizTalk 2016 I still have to create a custom assembly for something so simple.
Does anyone know how this might be done in the wcf-http send adapter?
Yes, you have to write a custom Endpoint Behaviour and add it to the send port. In fact with the WCF-WebHttp adapter even Basic Auth doesn't work so I'm currently writing an Endpoint Behaviour to address this.
One of the issues with OAuth, is that there isn't one standard that everyone follows, so far I've had to write 2 different OAuth behaviours as they have implemented things differently. One using a secret and time stamp hashed to has to get a token, and the other using Basic Auth to get a token. Also one of them you could get multiple tokens using the same creds, whereas the other would expire the old token straight away.
Another thing I've had to write a custom behaviour for is which version of TLS the end points expects as by default BizTalk 2013 R2 tries TLS 1.0, and then will fail if the web site does not allow it.
You can feedback to Microsoft that you wish to have this feature by voting on Add support for OAuth 2.0 / OpenID Connect authentication
Maybe someone will open source their solution. See Announcement: BizTalk Server embrace open source!
Figured it out. I should have used the 'Certificate' for client credential type.
I just had to:
Add token in the Outbound HTTP Headers box in the Messages tab and select 'Transport' security and 'Certificate' for Transport client credential type.
Downloaded the certificate from the API's website via the browser (manually) and installed it on the local servers certificate store.
I then selected that certificate and thumbprint in the corresponding fields in the adapter via the 'browse' buttons (had to scroll through the available certificates and select the API/website certificate I was trying to connect to).
I discovered this on accident when I had Fiddler running and set the adapter proxy setting to the local Fiddler address (http://localhost:8888). I realized that since Fiddler negotiates the TLS connection/certificate (I enabled tls1.2 in fiddler) to the remote server, messages were able to get through but not directly between the adapter and the remote API server (when Fiddler WASN'T running).
I am getting 555 syntax error in mailfrom
SendData(tcpSocket, string.Format("MAIL From: {0}\r\n", MailFrom));
if (!CheckResponse(tcpSocket, 220))
{
tcpSocket.Close();
return false;
}
is it the problem in my local system because of localhost?
Please help me. I am using this code from below link.
http://www.codeproject.com/Articles/5189/End-to-end-Email-Address-Verification-for-Applicat
Please don't try to implement your own SMTP client, use the one that comes with .NET: System.Net.Mail.SmtpClient.
Many SMTP servers require TLS, for example, which your code does not account for.
Furthermore, for security reasons most mailservers will not reveal if an email address in an RCPT TO line is valid or not. If a system can positively reveal an address exists then it can be used by spam harvesters. Consequently using a dry-run of an SMTP client should only be used to validate an email address (because of the complicated rules regarding valid email addresses). The verification (a separate concept from validation) must be performed manually by requiring the user to respond to an email sent to that address, there is no other way to be sure.
I'm using
Configure SMTP plugin for wordpress, when I used it in a local server (localhost) it works properly and send me the test email which confirms that it is working. But when I used it in a hosting site (I used Hostgator) it gives me an STMP error.
What is the possible cause of this error? and what is the possible solution?
Thank you.
Based on the second error, and the words "verification failed", and "sender verify" failed, my guess would be that you have not set up SMTP authentication correctly. You are relaying your mail through Hostgator, so they may have specific hostnames / ports that you need to authenticate correctly with to get your mail to flow. I'd suggest syncing with Hostgator on this.