I am facing problem on a centOS server while sending java mails. Getting the following exception.
javax.mail.MessagingException: Could not connect to SMTP host: localhost, port: 25, response: -1
I used the following command from the command prompt and I got the mail as expected.
echo "testing" | mail -s"test subject" shantanu.oa#gmail.com
The relevant entry from maillog looks like this...
Mar 28 20:13:16 postfix/smtpd[10120]: fatal: no SASL authentication mechanisms
Mar 28 20:13:17 postfix/master[28163]: warning: process /usr/libexec/postfix/smtpd pid 10120 exit status 1
Mar 28 20:13:17 postfix/master[28163]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling
Mar 28 20:26:22 postfix/smtpd[11001]: warning: SASL: Connect to private/auth failed: Connection refused
How do I correct the problem?
From the log entry
Mar 28 20:13:16 postfix/smtpd[10120]: fatal: no SASL authentication mechanisms
I suspect that the problem is on Postfix, of which I'm not an expert. Googling for "fatal: no SASL authentication mechanisms" gives lots of interesting links: maybe have a look here or here.
From the exception it seems like its not able to connect to the host.
Have you tried the telnet stuff?
One more thing to check would be whether the name to IP resolution is taking place properly.If not you can use the IP directly in place of host to see what happens.
does your smtp-server needs authentication?
Seems so, because the cmd call with mail works. In default postfix configuration a local user is allowed to send mails without authentication. And your Java application might not be a registered system user on this maschine.
Try to provide username and password in your code to login to the smtp server.
Related
I have a Java application, from which I am trying to connect to a https url but having issues with SSL ending up with the error:
Received fatal alert: bad_record_mac
(javax.net.ssl.SSLException)
Using SSLPoke there is no issue connection to the URL.
For my Java Application some custom values are set for the keystore
cat sysprop.properties
#Mon, 09 Jan 2017 13:43:54 +0000
#bootstrapModulesResource=moduledefinitions.xml
property.folder=../config
ssl.port=8443
jetty.ssl.keystore=../config/keystore
jetty.ssl.keystore.password=xxxx
jetty.ssl.key.password=xxxx
#jetty.ssl.truststore=../config/truststore
#jetty.ssl.truststore.password=xxxx
application.ip.address=127.0.0.1
bootstrapModulesResource=moduledefinitions.xml
As SSLPoke is working fine I assume that its not a Java environment issue but more directly an issue with my set up for the application. Could a custom keystore be the cause for the bad record mac error?
This application is running on a production sever and the issue can't be replicated locally (its working fine locally).
How can I go about further debugging this issue?
Ok, I am completely stumped here. I am running the Jenkins application (v1.635) for Mac OSX. I am trying to connect to Active Directory through the LDAP Security Realm. No matter what I try (and I have tried a good 30+ variants), the login fails and nothing gets written to the jenkins.log file.
I have ApacheDirectoryStudio installed and it connects flawlessly, so I know it is a Jenkins issue (and not a network or ACL issue).
The LDAP server is using a self-signed SSL certificate, which I installed into the relevant cacerts file.
Here's my LDAP configuration (minus the sensitive corporate stuff)
Server: ldaps://subdomain.domain.com:636
root DN: DC=domain,DC=com
User search base: OU=Users and Computers
User search filter: sAMAccountName={0}
Group search base: OU=Jenkins Groups,OU=Groups
Group search filter: (&(objectclass=group)(cn={0}))
Group membership: Parse user attribute for list of groups
Group membership attribute: memberOf
Manager DN: CN=jenkins,OU=Users and Computers,DC=domain,DC=com
Manager Password: password
Display Name LDAP attribute: displayname
Email Address LDAP attribute: mail
Disable Ldap Email Resolver: unchecked
Any help is greatly appreciated. Even getting the log file to spit out some info would be great.
Thanks!
Edit #1: Sometimes an exception does show up in the log file. Hopefully this helps.
Nov 09, 2015 12:00:49 PM hudson.security.LDAPSecurityRealm$LDAPUserDetailsService loadUserByUsername
WARNING: Failed to search LDAP for username=myuser
org.acegisecurity.ldap.LdapDataAccessException: Unable to connect to LDAP server; nested exception is javax.naming.CommunicationException: subdomain.domain.com:636 [Root exception is java.net.SocketTimeoutException: Connect timed out]
Edit #2: I have to go to an 1 1/2 hour meeting, so my responses will be delayed. Sorry.
So it's not ideal, but I was able to get the connection to work with the plain ldap connection (not ldaps). All I can figure is that Apache Directory Studio is smarter than Jenkins when it comes to establishing the connection. I suspect there may be an issue with the self-signed SSL certificate chain that Jenkins can't quite figure out. I really wish there was more verbosity to the logs in this matter. But for now, I have it working and since it is behind the corporate firewalls, the non-secure connection is less of a risk. I still intend to figure out the root cause, but for now, this will have to do. Thanks for your suggestions.
Have the following mail configuration settings :
mail.smtp.host=smtp.us.deloitte.com
mail.smtp.socketFactory.port=25
mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory
mail.smtp.auth=true
mail.smtp.port=25
and the following properties :
mail.password=password
mail.from=sam#xyz.com
mail.to=sam#xyz.com
mail.subject=Status of Data pushed
I get the following error :
java.lang.RuntimeException: javax.mail.MessagingException: Could not connect to SMTP host: smtp.us.deloitte.com, port: 25;
nested exception is:
java.net.SocketException: Permission denied:
The same code when I use gmail as the 'from' account and the Outlook account in 'to', it works.
I tried setting setx _JAVA_OPTIONS -Djava.net.preferIPv4Stack=true, also disabled iPv6 on Windows 7 box, but nothing seems to work
Just an observation: You are using STMPS protocol, and most SMTPS servers still communicates on the deprecated port 465 or the standardized port 587 and not 25.
I used to run a server app that sends an e-mails each 2 hours, but sometimes i get the error below:
Não foi possível enviar a mensagem.
Mensagem: com.sun.mail.smtp.SMTPSendFailedException: 550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
Jan 07, 2013 1:00:32 PM job_hidrojato.comunicacao.email.Email run
SEVERE: null
com.sun.mail.smtp.SMTPSendFailedException: 550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
at com.sun.mail.smtp.SMTPTransport.issueSendCommand(SMTPTransport.java:1388)
at com.sun.mail.smtp.SMTPTransport.mailFrom(SMTPTransport.java:959)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:583)
at javax.mail.Transport.send0(Transport.java:169)
at javax.mail.Transport.send(Transport.java:98)
at job_hidrojato.comunicacao.email.Email.run(Email.java:186)
at java.lang.Thread.run(Thread.java:722)
I've already tried to explicitly define the mail.smtp.localhost using the code below, where "HADES" is the hostname of my server, but it didn't work.
props.put("mail.smtp.localhost", "HADES");
The error log gerenated after this change is the same, so I think that the problem isn't the hostname parameter. I already read the links below but again, didn't work, so I'm running out of alternatives to solve this problem, and any help would be appreciated :)
Invalid HELO name in JavaMail
550 Access denied - Invalid HELO name
If you look up RFC2811 section 4.1.1.1 it says (emphasis mine):
These commands are used to identify the SMTP client to the SMTP
server. The argument field contains the fully-qualified domain name
of the SMTP client if one is available. In situations in which the
SMTP client system does not have a meaningful domain name (e.g., when
its address is dynamically allocated and no reverse mapping record is
available), the client SHOULD send an address literal (see section
4.1.3), optionally followed by information that will help to identify
the client system.
The name HADES is not a fully qualified domainname (which is hostname+domain, eg www.example.com, some definitions of FQDN also require a dot a the end (ie www.example.com. but I am unsure if that is required by SMTP). If you don't have a FQDN, you should use an address literal (see section 4.1.3 Address Literals), which basically is the IP address.
Also be sure that your SMTP server is not actively restricting access to unknown or unauthenticated hosts.
I am using com.enterprisedt.net.ftp.FTPClient to login my FTPSERVER
using the following command ftpClient.login(USER_NAME,PASSWORD());
am using com.enterprisedt.net.ftp.
But some times am getting "Not logged in" error.
FTP server has a domain name. but i log in only with user name and pwd and host name as the dns name.
In some 10, 15 , 20 minutes I get a "not logged in" error.
It is not occuring always, not in any specific pattern also, but immedietly after the error the connection is succesful.
[INFO] [FTPPull : getFTPConnection] - Error occured while FTP login : Not logged in The host is xxx.yyy.in The port used is 6370 [12] [2011-11-10 14:59:18 CET ]
but next connection was succesful
[INFO] [FTPPull : getFTPConnection] - Login Successful [12] [2011-11-10 15:09:18 CET ]
Please help, not sure why sometimes getting connected and sometimes not connected.
Regards,
Sridevi
Your problem is probably that there is a timeout at the FTP command channel level. When your client detects it, it reconnects automatically, as you have witnessed.
Now, you have to understand where that timeout comes from: either the client side or the server side:
first check the configuration on the server side: can you change the command channel timeout to a higher value, or even to infinite?
then check the API for your client (I personally use Apache Commons' FTP client): does it have a way to set the timeout too?
finally, check in the API whether sockets to the command channel use TCP keepalive; if not, does it have a method to set it? If you pass a Socket yourself to the constructor, make it keepalive before constructing your client instance.
The most likely scenario is however that the FTP server itself closes the command channel. Changing that is implementation dependent.
A good way to check the server side disconnection is to use a command line FTP client to check. I personally use lftp for that:
$ lftp ftp://some.ftp.site/
lftp> debug
# idle, idle...
# if the server times out, it will tell you so