Same SMTP issue

2018-09-28 21:15:36.395Z2018-09-30 12:54:00.037Z

Hi @KajMagnus! Thanks for all the help you've given me so far. I'm hoping to get the SMTP sending working finally for my forums.

Here is the error I currently experience:

app_1 | {"message":"s1: Sending email [TyMEMLSENDNG]: Email(adgnbaax7shp41ok,VerifyAddress,myemail@example.com,Some(100),None,Fri Sep 28 21:08:41
GMT 2018,[cpce.group] Confirm your email address,\n\n\n\n\n\n
\n
Hello warsix4,
\n\n
\n\n\n To verify email address myemail@example.com fo
r\n user warsix4 at \n <a href="https://cpce.group" style="text-decoration: none !important; color: #555 !important;">cpce.group\n,\nplease cli
ck <a href="https://cpce.group/-/confirm-email-address?confirmationEmailId=adgnbaax7shp41ok">this link.\n
\n\n
\n(If however you don't know w
hat this is about, don't click the link. \nMaybe someone typed the wrong address.)\n
\n\n
\nKind regards,
\nTalkyard\n
\n
\n\n,None,None
)","severity":"DEBUG"}
app_1 | {"message":"s1: Error sending email [TyEEMLERR]: Email(adgnbaax7shp41ok,VerifyAddress,myemail@example2.com,Some(100),Some(Fri Sep 28 21:08:41 GM
T 2018),Fri Sep 28 21:08:41 GMT 2018,[cpce.group] Confirm your email address,\n\n\n\n\n\n
\n
Hello warsix4,
\n\n
\n\n\n To verify email add
ress myemail@example.com for\n user warsix4 at \n <a href="https://cpce.group" style="text-decoration: none !important; color: #555 !important;">c
pce.group\n,\nplease click <a href="https://cpce.group/-/confirm-email-address?confirmationEmailId=adgnbaax7shp41ok">this link.\n
\n\n
\n
(If however you don't know what this is about, don't click the link. \nMaybe someone typed the wrong address.)\n
\n\n
\nKind regards,
\nTalkyard
\n
\n
\n\n,None,Some(Sending the email to the following server failed : mail.warmbo.com:25\nCaused by: Could not convert socket to TLS\nCaused b
y: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find vali
d certification path to requested target\nCaused by: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to fi
nd valid certification path to requested target\nCaused by: unable to find valid certification path to requested target))","severity":"WARN","serviceCon
text":{"service":"ed-app","version":"0.0.1"},"context":{"reportLocation":{"filePath":"Mailer.scala","lineNumber":357,"functionName":"sendEmail","classNa
me":"debiki.Mailer"}}}

Here is my play-framework email config:

talkyard.smtp.host="192.168.x.x"
talkyard.smtp.port="25"
talkyard.smtp.requireStartTls=false
#talkyard.smtp.tlsPort="465"
talkyard.smtp.connectWithTls=false
talkyard.smtp.checkServerIdentity=false
talkyard.smtp.user="me@example.com"
talkyard.smtp.password="Password"
talkyard.smtp.fromAddress="me@example.com"

Any suggestions? I'm not getting any errors from other services on my network using the SMTP server so I can only assume it's a Talkyard configuration somewhere.

Reply

6 replies

C
Cody @codywarmbo
2018-09-28 21:18:24.778Z
Can my reverse proxy, which handles all of my certificates, somehow be the issue? It should be going over the local network though and never need to pass thru to the WAN.

Can I disable HTTPS in play-framework and not have any side-effects?
Reply
1. KajMagnus @KajMagnus
  core-dev
  support-team
  2018-09-30 13:15:41.728Z
  I think, like you say, this isn't related to the reverse proxy. I think it's a Talkyard config thing / source code bug combination. (See my other reply)
  
  With disabling HTTPS, you mean setting talkyard.secure=false in play-framework.conf? That isn't related to this — instead, secure=true here helps Talkyard understand HTTPS is in use, although there's [a reverse proxy that offloads TLS (changes HTTPS to HTTP)] in front of Talkyard. Helps Talkyard know it should generate HTTPS links to itself, and use HTTPS-secure-cooies although (from the Talkyard server's point of view) it looks as if incoming traffic is HTTP.
  Reply
In reply tocodywarmbo⬆:
KajMagnus @KajMagnus
core-dev
support-team
2018-09-30 13:17:31.565Z2018-09-30 13:29:28.403Z
Would you like to try adding this config value?:

talkyard.smtp.insecureTrustAllHosts=true

(That'll configure Java Mail with: session.getProperties.put("mail.smtp.ssl.trust", "*") )

And restart the web and app containers (with Nginx and Play Framework, respectively):

cd /opt/talkyard/ docker-compose restart web app

(B.t.w. there were some email addresses in the log messages above — I changed them to something@example.com.)

If this doesn't work, I'll websearch for "java mail "PKIX path building failed"" and try connecting over insecure SMTP to a test server on localhost. Right now, to test sending-email, I've installed a self signed dummy test cert, in the test email server.
Reply 1 Like
1. C Cody @codywarmbo
  2018-10-01 01:04:11.193Z
  Well thanks so much! I made progress. Now I don't get an error in the app logs. However, the email still wasn't sent.
  
  Thanks again for taking the time to help me!
  Reply
  C Cody @codywarmbo
  2018-10-01 01:28:28.266Z
  Okay, the email was sent! I expected it to go to the email address I wanted to verify but it was sent to the email I used to sign up. I was using a secondary email account on my profile to test the verification messages.
  
  Reply
  KajMagnus @KajMagnus
  core-dev
  support-team
  2019-06-09 13:09:24.425Z
  Oh now I understand what happened. There was a bug that resulted in verification emails getting sent to one's old address (instead of the new); just fixed it: https://www.talkyard.io/-188/bug-if-adding-a-2nd-gmail-email-the-verification-email-gets-sent-to-ones-1st-address
  
  Anyway, marking this as done. I hope all is fine with you
  
  Reply 1 Like
Progress
with handling this problem
@KajMagnus marked this topic as Done 2019-06-09 13:09:34.209Z.

Reply (discussion)Add progress note