SES configuration not working in 1.1.2
-
@mikeyapina from a command line I execute the following script
CLI script -----testemail.txt-------------------------
EHLO ov3rt.com
AUTH LOGIN
dfdfdsfdsfdsfdsfdfdsfdsfdsfdsfsdffsffdfsdf= <---- this is the username encoded
drewrdsfdsfdsfdsfdsfdsfdsfdsfdsfdsfdsfdsfdsfdsfdsfsfsdf= <------------- this is the password encoded but taken out form this public forum
MAIL FROM: [email protected]
RCPT TO: [email protected]
DATA
X-SES-CONFIGURATION-SET: ov3rt
From: [email protected]
To: [email protected]
Subject: Amazon SES SMTP TestThis message was sent using the Amazon SES SMTP interface.
.
QUIT
This is the command I use to get the above username and pw encoded properly
ubuntu@ip-172-31-19-18:/var/www/html/bagisto$ echo -n "this is the username from SES inside here a bunch of stringed of characeter" | openssl enc -base64
then I get this result ---->
dfdfdsfdsfdsfdsfdfdsfdsfdsfdsfsdffsffdfsdf=
Then I do the same thing above and get a new string for the password then I placed it into the file above.
----------- This is the command I execute from the CLI that sends the email properly-----------------
/var/www/html/bagisto$ openssl s_client -crlf -quiet -starttls smtp -connect email-smtp.us-west-2.amazonaws.com:587 < testemail.txt
depth=2 C = US, O = Amazon, CN = Amazon Root CA 1
verify return:1
depth=1 C = US, O = Amazon, OU = Server CA 1B, CN = Amazon
verify return:1
depth=0 CN = email-smtp.us-west-2.amazonaws.com
verify return:1
250 Ok
250-email-smtp.amazonaws.com
250-8BITMIME
250-SIZE 10485760
250-STARTTLS
250-AUTH PLAIN LOGIN
250 Ok
334 VXNlcm5hbWU6
334 UGFzc3dvcmQ6
235 Authentication successful.
250 Ok
250 Ok
354 End data with <CR><LF>.<CR><LF>
250 Ok 010101740addae08-b79b9dfa-c53b-408e-844b-980bbfb576ed-000000
451 4.4.2 Timeout waiting for data from client. -
@mikeyapina here I cleared out the laravel log and did a request for an email subscription this is what was sent back to me. the Cde in SES says this in Amazon
...Incorrect credentials -->530 Authentication required ---> The application that you use to send email didn't attempt to authenticate when it connected to the Amazon SES SMTP interface.
Here is the Laravel LOG ----->
[2020-08-20 01:13:53] local.ERROR: Expected response code 250 but got code "530", with message "530 Authentication required^M
" {"exception":"[object] (Swift_TransportException(code: 530): Expected response code 250 but got code "530", with message "530 Authentication required^M
" at /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php:457)
[stacktrace] -
@mikeyapina BUT I DO NOW FOR A FACT THE CREDENTIALS ARE RIGHT AS I TESTED IT ABOVE AND SHOWED YOU THEY SENT AN EMAIL ON THE CLI!!!
-
I tired to even do gmail and the error is the same
[2020-08-20 02:51:15] local.ERROR: Expected response code 250 but got code "530", with message "530-5.7.0 Authentication Required. Learn more at^M
530 5.7.0 https://support.google.com/mail/?p=WantAuthError o134sm2202587pfg.200 - gsmtp^M
" {"exception":"[object] (Swift_TransportException(code: 530): Expected response code 250 but got code "530", with message "530-5.7.0 Authentication Required. Learn more at^M
530 5.7.0 https://support.google.com/mail/?p=WantAuthError o134sm2202587pfg.200 - gsmtp^M
" at /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php:457) -
@mikeyapina said in SES configuration not working in 1.1.2:
ses
Your configuration seems wrong. Kindly check your parameter in .env it should be valid.
-
@Vaishali-Agarwal Hi i am on the phen with AWS SES now can we get on a phone it is valid
-
MAIL_DRIVER=ses
MAIL_HOST=email-smtp.us-west-2.amazonaws.com
MAIL_PORT=587
MAIL_USERNAME=xxxxxx
MAIL_PASSWORD=xxxxxxxxxxxzxzxzxz
MAIL_ENCRYPTION=tls -
@mikeyapina
have you added the below configuration just below the above parameterSHOP_MAIL_FROM=
ADMIN_MAIL_TO=
MAIL_FROM_NAME= -
the 530 is connecting to the SES endpoint but the reason the errors could be connecting the incorrect endpoint or the incorrect SMTP credentials
-
@Vaishali-Agarwal said in SES configuration not working in 1.1.2:
SHOP_MAIL_FROM=
ADMIN_MAIL_TO=
MAIL_FROM_NAME=--------- this is what I have
[email protected]
[email protected]
[email protected]
MAIL_DRIVER=ses
MAIL_HOST=email-smtp.us-west-2.amazonaws.com
MAIL_PORT=587
MAIL_USERNAME=fdfdfdfdfd
MAIL_PASSWORD=fdfdfdfdfdfdfdfdfdfdfdfdfdfdfdfdf
MAIL_ENCRYPTION=tls -
@mikeyapina
make sure the rest 3 parameter are added below the Mail_Encryption parameter as shown below
MAIL_DRIVER=smtp
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=
MAIL_PASSWORD=
MAIL_ENCRYPTION=tls
[email protected]
[email protected]
MAIL_FROM_NAME=adminAlso kindly fix the MAIL_FROM_NAME key value, it should not contain the mail id. it will accept the name as shown above.
once done run the commands
php artisan config:cache -
@Vaishali-Agarwal WE WERE STILL GET SAME ERROR. AWS FEELS THAT MAKING A CONNECTION TO THE SERVER BUT the credentials or endpoint is wrongly configured here is my env
I have verified the correctness with SMTP endpoints and credentials with AWS so we feel that is working ..
env file ..........
MAIL_DRIVER=ses
MAIL_HOST=email-smtp.us-west-2.amazonaws.com
MAIL_PORT=587
MAIL_USERNAME=ccdsfsdcs
MAIL_PASSWORD=ddddsadsadsadadsa
MAIL_ENCRYPTION=tls
[email protected]
[email protected]
MAIL_FROM_NAME=adminlogs ----------------
[2020-08-20 03:31:55] local.ERROR: Expected response code 250 but got code "530", with message "530 Authentication required^M
" {"exception":"[object] (Swift_TransportException(code: 530): Expected response code 250 but got code "530", with message "530 Authentication required^M
" at /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php:457)
[stacktrace]
#0 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php(341): Swift_Transport_AbstractSmtpTransport->assertResponseCode('530 Authenticat...', Array)
#1 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/EsmtpTransport.php(305): Swift_Transport_AbstractSmtpTransport->executeCommand('MAIL FROM:<ther...', Array, Array, true, NULL)
#2 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/EsmtpTransport.php(386): Swift_Transport_EsmtpTransport->executeCommand('MAIL FROM:<ther...', Array, Array, true) -
@Vaishali-Agarwal from AWS
We saw that there was no connectivity issue from your EC2 instance to SES as you were getting 250 Ok response when running telnet and openssl commands.
We then checked your application and suspected that the credentials configured might be incorrect. So, we took those credentials and generated a base64 encoded of both and and tried sending an email using openssl command which failed.We also know that when you generated the the new credentials and used it to send a test mail with openssl, it worked fine for you which we can also verify from the successful mail(Message ID: 0101017408a72c3c-5c80c957-f75f-4298-a15d-f7b1151f7918) that you sent earlier on 2020-08-19 21:36:47 UTC.
This points to the fact that the test mail that was failing earlier with openssl was due to some issue with incorrect credentials and not a connectivity issue on the SES smtp endpoint.
After confirming the issue with the old credentials, we then generated a new set of credentials and replaced them with the old one in your application but the application was still not able to send emails. Since, from SES perspective connectivity and credentials are correct, it seems that the issue you have been facing is on the application end and there is some configuration that needs to be changed on the application side.
I would request you to please reach out to the Application support for further insight into this.
We are glad to know that you are happy with the follow up. If you face any other difficulties in future, please feel free to reach to AWS Support.
-
@mikeyapina I decided to try some addtional tests. I got a un/pw that had no special characters and went thru the test again. Doing email through the CLI worked. Doing a subscription from the landing page footer gave me this error below.
Observation --- The mail logs below shows the scripte makes it to SES but then gets a failure due to user unknown error. Although when we execute it from the cli with the same user there are no issues and the email sends.
ubuntu@ip-172-31-19-18:/var/www/html/bagisto/storage/logs$ sudo vi laravel.log
[2020-08-20 23:12:30] local.ERROR: Expected response code 250 but got code "530", with message "530 Authentication required^M
" {"exception":"[object] (Swift_TransportException(code: 530): Expected response code 250 but got code "530", with message "530 Authentication required^M
" at /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php:457)
[stacktrace]
#0 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php(341): Swift_Transport_AbstractSmtpTransport->assertResponseCode('530 Authenticat...', Array)
#1 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/EsmtpTransport.php(305): Swift_Transport_AbstractSmtpTransport->executeCommand('MAIL FROM:<admi...', Array, Array, true, NULL)
#2 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/EsmtpTransport.php(386): Swift_Transport_EsmtpTransport->executeCommand('MAIL FROM:<admi...', Array, Array, true)
#3 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php(483): Swift_Transport_EsmtpTransport->doMailFromCommand('[email protected]')
#4 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php(516): Swift_Transport_AbstractSmtpTransport->doMailTransaction(Object(Swift_Message), '[email protected]', Array, Array)
#5 /var/www/html/bagisto/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/AbstractSmtpTransport.php(206): Swift_Transport_AbstractSmtpTransport->sendTo(Object(Swift_Message), '[email protected]', Array, Array)'------------------------ here is the cli command and script ----------------
EHLO ov3rt.com
AUTH LOGIN
some strings here for username in base 64 format converted in cli=
some strings here for pw in base 64format converted in cli=
MAIL FROM: [email protected]
RCPT TO: [email protected]
DATA
X-SES-CONFIGURATION-SET: ov3rt
From: [email protected]
To: [email protected]
Subject: Amazon SES SMTP TestThis message was sent using the Amazon SES SMTP interface.
.
QUITMail logs showing it work ---------- the later show the connection is made to SES but failure due to user unknown. Although when he execute from he cli with the same user there are no issues.
Aug 19 20:33:06 ip-172-31-19-18 sendmail[30541]: 07JKX6Gt030541: from=[email protected], size=2220, class=0, nrcpts=1, msgid=[email protected], proto=SMTP, relay=www-data@localhost
Aug 19 20:33:06 ip-172-31-19-18 sm-mta[30542]: 07JKX6Hp030542: from=[email protected], size=2529, class=0, nrcpts=1, msgid=[email protected], proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Aug 19 20:33:06 ip-172-31-19-18 sendmail[30541]: 07JKX6Gt030541: to=[email protected], delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=32220, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (07JKX6Hp030542 Message accepted for delivery)
Aug 19 20:33:06 ip-172-31-19-18 sm-mta[30544]: STARTTLS=client, relay=email-smtp.us-west-2.amazonaws.com., version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Aug 19 20:33:07 ip-172-31-19-18 sm-mta[30544]: 07JKX6Hp030542: to=[email protected], delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=122529, relay=email-smtp.us-west-2.amazonaws.com. [52.88.99.145], dsn=5.0.0, stat=Service unavailable
Aug 19 20:33:07 ip-172-31-19-18 sm-mta[30544]: 07JKX6Hp030542: 07JKX7Hp030544: DSN: Service unavailable
Aug 19 20:33:07 ip-172-31-19-18 sm-mta[30544]: 07JKX7Hp030544: to=[email protected], delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30000, relay=email-smtp.us-west-2.amazonaws.com., dsn=5.0.0, stat=Service unavailable
Aug 19 20:33:07 ip-172-31-19-18 sm-mta[30544]: 07JKX7Hp030544: to=MAILER-DAEMON, delay=00:00:00, mailer=local, pri=30000, dsn=5.1.1, stat=User unknown
Aug 19 20:33:07 ip-172-31-19-18 sm-mta[30544]: 07JKX7Hp030544: to=postmaster, delay=00:00:00, mailer=local, pri=30000, dsn=5.1.1, stat=User unknown
Aug 19 20:33:07 ip-172-31-19-18 sm-mta[30544]: 07JKX7Hp030544: 07JKX7Hq030544: return to sender: User unknown
Aug 19 20:33:07 ip-172-31-19-18 sm-mta[30544]: 07JKX7Hq030544: to=MAILER-DAEMON, delay=00:00:00, mailer=local, pri=0, dsn=5.1.1, stat=User unknown
Aug 19 20:33:07 ip-172-31-19-18 sm-mta[30544]: 07JKX7Hp030544: Saved message in /var/lib/sendmail/dead.letter
Aug 19 20:44:58 ip-172-31-19-18 sendmail[30718]: 07JKiwFm030718: Authentication-Warning: ip-172-31-19-18.us-west-2.compute.internal: www-data owned process doing -bs
Aug 19 20:44:58 ip-172-31-19-18 sendmail[30718]: 07JKiwFm030718: from=[email protected], size=2215, class=0, nrcpts=1, msgid=[email protected], proto=SMTP, relay=www-data@localhost
Aug 19 20:44:58 ip-172-31-19-18 sm-mta[30719]: 07JKiwwO030719: from=[email protected], size=2519, class=0, nrcpts=1, msgid=[email protected], proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1]
Aug 19 20:44:58 ip-172-31-19-18 sendmail[30718]: 07JKiwFm030718: to=[email protected], delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=32215, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (07JKiwwO030719 Message accepted for delivery)
Aug 19 20:44:58 ip-172-31-19-18 sm-mta[30721]: STARTTLS=client, relay=email-smtp.us-west-2.amazonaws.com., version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKiwwO030719: to=[email protected], delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=122519, relay=email-smtp.us-west-2.amazonaws.com. [52.88.217.130], dsn=5.0.0, stat=Service unavailable
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKiwwO030719: 07JKixwO030721: DSN: Service unavailable
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKixwO030721: to=[email protected], delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30000, relay=email-smtp.us-west-2.amazonaws.com., dsn=5.0.0, stat=Service unavailable
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKixwO030721: to=MAILER-DAEMON, delay=00:00:00, mailer=local, pri=30000, dsn=5.1.1, stat=User unknown
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKixwO030721: to=postmaster, delay=00:00:00, mailer=local, pri=30000, dsn=5.1.1, stat=User unknown
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKixwO030721: 07JKixwP030721: return to sender: User unknown
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKixwP030721: to=MAILER-DAEMON, delay=00:00:00, mailer=local, pri=0, dsn=5.1.1, stat=User unknown
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKixwO030721: Saved message in /var/lib/sendmail/dead.letter -
Here is my .env
MAIL_DRIVER=smtp
MAIL_HOST=email-smtp.us-west-2.amazonaws.com
MAIL_PORT=587
MAIL_USERNAME=ses username not in base64
MAIL_PASSWORD=ses password not in base64
MAIL_ENCRYPTION=tls
[email protected]
[email protected]
MAIL_FROM_NAME=adminI also have this mail.php
<?php
return [
/* |-------------------------------------------------------------------------- | Mail Driver |-------------------------------------------------------------------------- | | Laravel supports both SMTP and PHP's "mail" function as drivers for the | sending of e-mail. You may specify which one you're using throughout | your application here. By default, Laravel is setup for SMTP mail. | | Supported: "smtp", "sendmail", "mailgun", "mandrill", "ses", | "sparkpost", "log", "array" | */ 'driver' => env('MAIL_DRIVER', 'ses'), /* |-------------------------------------------------------------------------- | SMTP Host Address |-------------------------------------------------------------------------- | | Here you may provide the host address of the SMTP server used by your | applications. A default option is provided that is compatible with | the Mailgun mail service which will provide reliable deliveries. | */ 'host' => env('MAIL_HOST', 'email-smtp.us-west-2.amazonaws.com'), /* |-------------------------------------------------------------------------- | SMTP Host Port |-------------------------------------------------------------------------- | | This is the SMTP port used by your application to deliver e-mails to | users of the application. Like the host we have set this value to | stay compatible with the Mailgun e-mail application by default. | */ 'port' => env('MAIL_PORT', 587), /* |-------------------------------------------------------------------------- | Global "From" Address |-------------------------------------------------------------------------- | | You may wish for all e-mails sent by your application to be sent from | the same address. Here, you may specify a name and address that is | used globally for all e-mails that are sent by your application. | */ 'from' => [ 'address' => env('SHOP_MAIL_FROM'), 'name' => env('MAIL_FROM_NAME') ], /* |-------------------------------------------------------------------------- | Global "Admin" Address |-------------------------------------------------------------------------- | | General admin related admins, such as order notifications. | */ 'admin' => [ 'address' => env('ADMIN_MAIL_TO'), 'name' => env('ADMIN_MAIL_NAME', 'Admin') ], /* |-------------------------------------------------------------------------- | E-Mail Encryption Protocol |-------------------------------------------------------------------------- | | Here you may specify the encryption protocol that should be used when | the application send e-mail messages. A sensible default using the | transport layer security protocol should provide great security. | */ 'encryption' => env('MAIL_ENCRYPTION', 'tls'), 'stream' => [ 'ssl' => [ 'allow_self_signed' => true, 'verify_peer' => false, 'verify_peer_name' => false, ], ], /* |-------------------------------------------------------------------------- | SMTP Server Username |-------------------------------------------------------------------------- | | If your SMTP server requires a username for authentication, you should | set it here. This will get used to authenticate with your server on | connection. You may also set the "password" value below this one. | */ 'username' => env('eewewewew not in base64'), 'password' => env('ewewewew not in base64'), /* |-------------------------------------------------------------------------- | Sendmail System Path |-------------------------------------------------------------------------- | | When using the "sendmail" driver to send e-mails, we will need to know | the path to where Sendmail lives on this server. A default path has | been provided here, which will work well on most of your systems. | */ 'sendmail' => '/usr/sbin/sendmail -bs', /* |-------------------------------------------------------------------------- | Markdown Mail Settings |-------------------------------------------------------------------------- | | If you are using Markdown based email rendering, you may configure your | theme and component paths here, allowing you to customize the design | of the emails. Or, you may simply stick with the Laravel defaults! | */ 'markdown' => [ 'theme' => 'default', 'paths' => [ resource_path('views/vendor/mail'), ], ],
];
-
ok I am getting a new error tried some different things and can both send email at the CLI as well as it appears everything is connecting as before. What I wanted to do was find a un/pw with no weird characters -- then I cleared everything and slowly tested everything .. I believe I have a good setup now suing this scenario now I am getting an error for AWS
From this error ---
[2020-08-21 15:19:07] local.ERROR: Region must be a valid RFC host label. {"exception":"[object] (Aws\Exception\InvalidRegionException(code: 0): Region must be a valid RFC host label. at /var/www/html/bagisto/vendor/aws/aws-sdk-php/src/ClientResolver.php:543)
[stacktrace]I found this script inside the pointing to error files
// Check region is a valid host label when it is being used to // generate an endpoint if (!self::isValidRegion($args['region'])) { throw new InvalidRegionException('Region must be a valid RFC' . ' host label.'); }
-
What I have figured out about the setting driver -- if I set it to SES I get results in the laravel.log file in storage. If I set it to SMTP I am able to see the errors in the SMTP mail.log file.
These are the issues in summary:
SES setting:
I am getting:
[2020-08-20 23:12:30] local.ERROR: Expected response code 250 but got code "530", with message "530 Authentication required^M
" {"exception":"[object] (Swift_TransportException(code: 530): Expected response code 250 but got code "530", with message "530 Authentication required^MSMTP
Aug 19 20:44:59 ip-172-31-19-18 sm-mta[30721]: 07JKiwwO030719: [email protected], delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=122519, relay=email-smtp.us-west-2.amazonaws.com. [52.88.217.130], dsn=5.0.0, stat=Service unavailable
CLI
I can send email sends out using SMTP
-
@mikeyapina said in SES configuration not working in 1.1.2:
ses
There appears to be a mix-match of credentials when the application is sending them to the end-point. Are you wrapping it with something? Ar you escaping it?
The SES SMTP relies on base-64 encoding. If it is not doing a conversion to base-64 we will get an authentication issue with SES.
-
i guess we have to do something like this to the code being sent to SES (username/password> where do we do this? I believe when we send it to AWS SES but where?
$message->embedData(base64_decode($data['photos'][$x]), 'Blah')
The above came from the internet describing what to do with a different issue.
-
this is the message from AWS
As discussed on call, the issue we are suspecting is that your application might not be encoding the SES SMTP credentials which is why we might be seeing 530 Authentication Error. You would be following up with the application vendor regarding this. Also, if you would like we would be happy to jump on a call with your vendor to discuss this further. Please do let us know