I used to run a server app that sends an e-mails each 2 hours, but sometimes i get the error below:
Não foi possível enviar a mensagem.
Mensagem: com.sun.mail.smtp.SMTPSendFailedException: 550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
Jan 07, 2013 1:00:32 PM job_hidrojato.comunicacao.email.Email run
SEVERE: null
com.sun.mail.smtp.SMTPSendFailedException: 550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
at com.sun.mail.smtp.SMTPTransport.issueSendCommand(SMTPTransport.java:1388)
at com.sun.mail.smtp.SMTPTransport.mailFrom(SMTPTransport.java:959)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:583)
at javax.mail.Transport.send0(Transport.java:169)
at javax.mail.Transport.send(Transport.java:98)
at job_hidrojato.comunicacao.email.Email.run(Email.java:186)
at java.lang.Thread.run(Thread.java:722)
I've already tried to explicitly define the mail.smtp.localhost using the code below, where "HADES" is the hostname of my server, but it didn't work.
props.put("mail.smtp.localhost", "HADES");
The error log gerenated after this change is the same, so I think that the problem isn't the hostname parameter. I already read the links below but again, didn't work, so I'm running out of alternatives to solve this problem, and any help would be appreciated :)
Invalid HELO name in JavaMail
550 Access denied - Invalid HELO name
If you look up RFC2811 section 4.1.1.1 it says (emphasis mine):
These commands are used to identify the SMTP client to the SMTP
server. The argument field contains the fully-qualified domain name
of the SMTP client if one is available. In situations in which the
SMTP client system does not have a meaningful domain name (e.g., when
its address is dynamically allocated and no reverse mapping record is
available), the client SHOULD send an address literal (see section
4.1.3), optionally followed by information that will help to identify
the client system.
The name HADES is not a fully qualified domainname (which is hostname+domain, eg www.example.com, some definitions of FQDN also require a dot a the end (ie www.example.com. but I am unsure if that is required by SMTP). If you don't have a FQDN, you should use an address literal (see section 4.1.3 Address Literals), which basically is the IP address.
Also be sure that your SMTP server is not actively restricting access to unknown or unauthenticated hosts.
Related
Need your advice about the following:
We try to get file from another server in our local network by SMB
When we call server by IP everything works file
When we call server by DNS name we get an exception: jcifs.smb.SmbException: A duplicate name exists on the network
I googled the similar questions and found that it could happen when a few servers have the same DNS name.
Could you please advise me how to prove it to our network administrators? Because they say that it’s impossible and every server has the only DNS name in our local network.
Thank you!
You may also have a server which is registered under 2 different domains, and a program which tries to access this server without mentioning a domain.
If such is the case, if you enter:
nslookup <server>.<expected domain>
you may get:
Non-authoritative answer:
Name: <server>.<expected domain, for instance your company's domain>
Address: <IP>
And if you enter:
nslookup <server>
(note that you did not mention any domain) you may get:
Non-authoritative answer:
Name: <server>.<UNexpected domain #2>
Address: <IP>
If this is the case, we have to unregister your server from the unexpected domain and everything should go back to normal.
I'm a CS student working on a Java DNS resolver client assignment. My DNS resolver must accept as input a DNS root server IP and a domain name. Then the program must query the DNS root server given by the user, and iteratively query any intermediate servers (which I understand will be found in "the Authority and Additional Information sections" of the reply) until I have come across the IP of the domain entered by the user. I understand that the information I am looking for is found in the RR but I am stuck on querying a specific DNS root server as well as how to get the RR in order to proceed from there. I have looked around but have not had much luck with finding any guidance to do this in Java using the standard libraries I cannot use any DNS library (DNSQuery, SimpleResolver, etc). I am hoping someone can point me in the right direction.
This is an example of what I have to do :
>java dns_resolver 202.12.27.33 cs.poly.edu
DNS server to query: 202.12.27.33
Reply received. Content overview:
0 Answers
6 Intermediate Name Servers
7 Additional Information Records
Answers section:
Authoritative Section:
Name: edu Name Server: l.edu-servers.net
Name: edu Name Server: a.edu-servers.net
Name: edu Name Server: f.edu-servers.net
Name: edu Name Server: c.edu-servers.net
Additional Information Section:
. . .
until I reach 1 in the Answer section containing the IP of the domain entered by the user.
Thanks
It sounds like the difficulty in the assignment is in implementing the DNS protocol yourself (otherwise you'd be able to use SimpleResolver, etc). Here's a page with details of the DNS protocol: RFC 1035 §4.1. Use that as a guide to build the request, then use java socket I/O to send the request and receive the response.
I am running a Java web application using tomcat to send generated reports via emails to the users.
I am able to send the emails but after few hours the server stops sending emails, with the following error.
javax.mail.MessagingException: Unknown SMTP host: mail.mydomain.co.uk;
nested exception is:
java.net.UnknownHostException: mail.mydomain.co.uk
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1970)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:642)
at javax.mail.Service.connect(Service.java:317)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
at javax.mail.Transport.send(Transport.java:124)
at com.turnkey.email.SendEmail.sendMail(SendEmail.java:119)
at com.turnkey.thread.CommunicationThread.run(CommunicationThread.java:399)
Caused by: java.net.UnknownHostException: mail.mydomain.co.uk
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:195)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:529)
at java.net.Socket.connect(Socket.java:478)
at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:319)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:233)
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1938)
... 8 more
After some time the server starts sending emails again.
Can anyone tell me what could be the problem.
And how do I solve this problem?
Thanks
This looks like a failure in your name service. The JDK isn't able to look up the host name to find its internet address. Since this works sometimes and not others, it looks like an intermittent failure of the name service. The name service failure could be due to some failure in your local operating system, or it could be due to some network failure communicating with your DNS server or other name service server, or it could be a failure in that DNS server or name service server itself. Determining the exact cause of the failure will require some debugging. Note that the JDK caches the results of name server lookups for some time so you'll need to factor that into your debugging.
Also make sure there is no space at the end of smtp hostname eg. mail.google.comSPACEHERE . Surprisingly this happened to me and finally after removing this space there was no complain about smtp host . Email was successfully sent
Set for host the ip address of the domain name instead of the domain name.
use nslookup mail.mydomain.co.uk on cmd to find the ip address.
It worked for me.
Specially for AIX or Linux OS environment,
We need to add the hostname in the etc/hosts file.. to sole this.
Windows operating system , this may work on Windows system as there is no strict security check however AIX or Linux must add host name to etc/hosts file in order for ping the SMTP server.
avoid doing this may lead Unknown host issue
We are facing a problem with lastest JRE 6 update 22 and 23. The problem is we are running a site which uses Java Applet to stores/retrieve datas by calling a PHP file. For last 7 years we never had a single issue but now with latest JRE are we having a problem. The Java applet is loaded fine but failed to connect our sever (unix server) which suppose to call the PHP file.
Note: We use Javascript to call a Java function to connect our server, to retrieve data from the PHP file.
Here is the error message found in Java console:
basic: Applet started
basic: Told clients applet is started
Retreiving cmi for sco=778 from ATutor server
network: Connecting http://www.example.com/training/scorm/read.php with proxy=DIRECT
network: Cache entry not found [url: http://xxx.xxx.xxx.xxx/crossdomain.xml, version: null]
network: Connecting http://xxx.xxx.xxx.xxx/crossdomain.xml with proxy=DIRECT
network: Connecting http://xxx.xxx.xxx.xxx:80/ with proxy=DIRECT
network: Server http://xxx.xxx.xxx.xxx/crossdomain.xml requesting to set-cookie with "SESSdba781ab68368f3b7b29ce28e33a2679=983ded5e21e40047871b1f3ce5c259d7; expires=Monday, 07-Mar-11 20:45:53 GMT; path=/"
ATutor cmi retrieval failed.
java.security.AccessControlException: access denied (java.net.SocketPermission xxx.xxx.xxx.xxx:80 connect,resolve)
Oracle has released a note and addressing this issue with a solution,
Website: http://www.oracle.com/technetwork/java/javase/6u22releasenotes-176121.html
The fix for CVE-2010-3560 could cause
certain Java applets running in the
new Java Plug-in to stop working if
they are embedded in web pages which
contain JavaScript that calls into
Java in order to perform actions which
require network security permissions.
These applets may fail with a network
security exception under some
circumstances if the name service
which resolved the original web page
URL host name does not return a
matching name as the result of a
reverse address lookup. This is most
likely to occur for the new Java
Plug-in running on Solaris and Linux
when configured to use NIS for host to
network address resolution with maps
containing host names which are in
short form (rather than as a fully
qualified domain name).
If an applet is suspected of failing
due to this change you can verify that
by setting the logging level of the
Java Console to 5 and looking for
logging strings beginning with "socket
access restriction" which will
describe the specific cause of the
mismatch and will help in identifying
the correct workaround to use as
described below:
Add a new host name forward map entry
(in /etc/hosts, NIS, or DNS) in a
special form which is recognized by
Java for the purpose of validating
IPv4 and IPv6 name service mappings.
The IPv4 general name form followed by
an /etc/hosts file fragment example
for IP address 10.11.12.13 is:
host.auth.ddd.ccc.bbb.aaa.in-addr.arpa
# /etc/hosts example
10.11.12.13 foo.bar.com.auth.13.12.11.10.in-addr.arpa
There is an equivalent form for IPv6
addresses which uses the IP6.ARPA
domain root format defined in RFC
3596.
For DNS, these would be A (IPv4) or
AAAA (IPv6) entries.
Pre-pend a fully qualified host name
before other mappings to the same
address. For example, in /etc/hosts
format:
#10.11.12.13 foo loghost
10.11.12.13 foo.bar.com foo loghost
As an alternative to updating name
service records, it may be possible to
safely modify the applet to perform
the network action using only it's own
permissions independent of the web
page which contains it by using the
doPrivileged() method of the
java.security.AccessController class.
I am PHP developer and I have very little knowledge on Java. I couldn't understand the solution provided by the Oracle. They want to add new host name in /etc/hosts file, can anyone please explain with more clear example what to add in /etc/hosts.
Also I don't know where to add doPrivileged() method, please help.
Thanks
Paŭlo,
Server admin uploaded a crossdomain.xml file to the root web directory of the site that resolve the public ip. This is the only information I received.
Here is the crossdomain.xml file,
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
This fixed the problem and no errors appears in Java console logs.
These errors are fixed,
network: Cache entry not found [url: http://xxx.xxx.xxx.xxx/crossdomain.xml, version: null]
java.security.AccessControlException: access denied (java.net.SocketPermission xxx.xxx.xxx.xxx:80 connect,resolve)
Java applets are only allowed to call their own origin host, and it seems that from the change mentioned by your citation above that Javascript code calling into the applet has no networking rights at all, to avoid that hostile scripts use your applet to connect to your server with the privileges of the applet instead of its own.
If you are sure that no malicious things could happen if your applet method is called (even if called by a malicious script), you can use in this method this call to AccessController.doPrivileged(...), like this:
public String retrieveData(final String params) {
return AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
// here the rest of your networking code
}
};
}
Instead of wrapping the whole method in doPrivileged, maybe only wrap the networking parts (like openConnection() or such).
I have currently face a problem when I try to send an email using JavaMail API. The exception I get from my application console is :
"javax.mail.MessagingException: 550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1)"
by the way, I have already set my mail.smtp.auth property to true as : props.put("mail.smtp.auth", "true"), but it still fail, does anyone has idea? or face similar problem before ?
A 550 error is often returned by the SMTP server when the sending hostname cannot be inverse resolved to the originating IP address. This allows mail servers a bit of authentication that the sending client is who it says it is. Unfortunately, many test clients - especially systems behind a NAT device - will have originating IP addresses that don't map to any name.
For example, the machine I am typing this on has an unroutable IP address of 192.168.1.103 and my hostname could be so.example.myhouse which works fine because my router pretends that packets from my desk come from (e.g.) 69.59.196.211 which is my WAN address. However, if you use a props.put("mail.from", "me#so.example.myhouse") the SMTP server may try a DNS lookup and obviously fail for my fictional hostname (that is, one that the global DNS doesn't know of).
Even if I used the DNS name which maps to 69.59.196.211 (e.g. stackoverflow.com) the SMTP server may do a reverse DNS lookup to check that 211.196.59.69.in-addr.arpa maps to stackoverflow.com. If that fails, the SMTP server may consider you a spoofer and return a 550.
Finally, your sending client or every host it its IP address block could be blacklisted by the SMTP server for reasons that you have no control over.
Without more context than you probably want to post (names and addresses of the guilty client and server) I can't be sure that it is an SMTP/DNS problem unrelated to Java so you'll have to check those bits yourself. You can skip the Java altogether and telnet smtp-servername 25 and talk to the server yourself. You'll find RFC 2821 helpful should you try.
replace
props.put("mail.smtp.auth", true);
to
props.put("mail.smtp.auth", "true");
and it works :)