i'm trying to send email from web Application deployed in Godaddy Windows 2012 Vitual Private Server.
Error Displayed "Server actively refused the connection".
Email send from my local system, but outgoing email is not working on Godaddy Hosting.
using (var smtp = new SmtpClient()) {
var credential = new NetworkCredential {
UserName = "user#outlook.com",
Password = "password" };
smtp.Credentials = credential;
smtp.Host = "smtp.gmail.com";
smtp.Port = 587;
smtp.EnableSsl = true;
await smtp.SendMailAsync(message);
return RedirectToAction("Sent");
}
Firstly, try adding:
smtp.UseDefaultCredentials = false;
Before:
smtp.Credentials = credential;
Since June of 2016, Gmail changed its DMARC policy from p="none" to p="reject".
Any emails sent using a from address ending with #gmail.com, will have to originate from within Gmail's infrastructure.
You will need to use an email sending service, such as SendGrid (www.sendgrid.com) or mailgun (www.mailgun.com).
You should be using one of these anyway, as they help you keep off spam blacklists and provide lots of other benefits, including details of showing you if emails have been blocked due to bad email addresses, spam reports, etc.
More information on what DMARC is and how it works is available in this article on the Sendgrid blog.
Related
I'm just creating my first WCF project, so I have a lot of deficiencies in knowledge in this field. My problem is that when I'm calling my WCF url in web browser, I have to enter the credentials but I cannot even use my domain name and password, but I have to choose my personal chip card certificate and enter it's password. After that, everything work like a charm.
My final product should be installed on every user workstation in our domain for IT operations purposes only. So there will be some AD authorization after that.
About certificate... We have our own company root CA certificate, and every workstation have it's own certificate which is it's grandchild:
Example of our certificate tree:
COMPANYROOTCA >> COMPANYSUBCA1 >> WORKSTATIONNAME.DOMAIN (this one is used as WCF service cert)
This is what I have right now for hosting the WCF in my Windows service running under NetworkService Account:
serviceHost.Dispose(); //extension for close() and set to null
Uri httpsUrl = new Uri("baseAdress");
serviceHost = new ServiceHost(typeof(Service.myService), httpsUrl);
WSHttpBinding wsHttpBinding = new WSHttpBinding();
wsHttpBinding.Security.Mode = SecurityMode.Transport;
wsHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
wsHttpBinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;
WebHttpBinding webHttpBinding = new WebHttpBinding();
webHttpBinding.Security.Mode = WebHttpSecurityMode.Transport;
webHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
webHttpBinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;
ServiceMetadataBehavior smb = new ServiceMetadataBehavior
{
HttpGetEnabled = false,
HttpsGetEnabled = true,
};
X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection collection = store.Certificates;
X509Certificate2 cert = collection.OfType<X509Certificate2>().First(c => c.SubjectName.Name == "CN=WorkstationName.Domain");
store.Close();
serviceHost.Credentials.ServiceCertificate.Certificate = cert;
ServiceThrottlingBehavior throttleBehavior = new ServiceThrottlingBehavior
{
MaxConcurrentCalls = 16,
MaxConcurrentInstances = 26,
MaxConcurrentSessions = 10
};
serviceHost.Description.Behaviors.Add(throttleBehavior);
ServiceEndpoint soapEndpoint = serviceHost.AddServiceEndpoint(typeof(Contract.IMyService), wsHttpBinding, "soap");
ServiceEndpoint restEndpoint = serviceHost.AddServiceEndpoint(typeof(Contract.IMyService), webHttpBinding, "rest");
ServiceEndpoint mexEndpoint = serviceHost.AddServiceEndpoint(typeof(IMetadataExchange), MetadataExchangeBindings.CreateMexHttpsBinding(), "mex");
restEndpoint.Behaviors.Add(new WebHttpBehavior());
tempAdminHost.Open();
So my question is: Is there any way, how to, for example, automaticaly get domain account which use the browser and call the url or any alternative how to still use HTTPS but without putting any credentials?
I didn’t see the way you use the credential to authenticate the client. the client credential type of the two endpoints you use to host the service are None. How does the browser ask you to input the credential? Besides, by default, If the server set up the ClientCredentialType to Windows, the client would use the current user as the credential. The current user’s password and account will be default credential when need to provide a credential.
One more thing to note, if you are simply prompted in the browser to select a certificate instead of the credential(user/password), as follows,
We may have configured the following parameter(clientcertnegotiation parameter).
netsh http add sslcert ipport=127.0.0.1:8000 certhash=c20ed305ea705cc4e36b317af6ce35dc03cfb83d appid={c9670020-5288-47ea-70b3-5a13da258012} clientcertnegotiation=enable
Because the way you use to provide a certificate to encrypt the communication is not correct.
serviceHost.Credentials.ServiceCertificate.Certificate = cert;
We need to bind the certificate to Port.
https://learn.microsoft.com/en-us/windows/desktop/http/add-sslcert
when hosting the service in IIS, we accomplish it by the below UI.
And the parameter configuration depends on the below.
So I suspect the process that binds the certificate to the specified port is completed by IIS. and the parameter should be ignored.
Feel free to let me know if there is anything I can help with.
We have an MVC app that connects to the Exchange server. We used to connect to an on premises server using this code to create the service:
if (string.IsNullOrEmpty(Current.UserPassword))
{
throw new UnauthorizedAccessException("Exchange access requires Authentication by Password");
}
return new ExchangeService
{
Credentials = new NetworkCredential(Current.User.LoginName, Current.UserPassword),
Url = new Uri(ConfigurationManager.AppSettings["ExchangeServiceUrl"]),
};
This worked fine, but now our IT department is migrating the Exchange server to the cloud, and some users are on the cloud server while others are on premises. So I changed the code to this:
if (string.IsNullOrEmpty(Current.UserPassword))
{
throw new UnauthorizedAccessException("Exchange access requires Authentication by Password");
}
var user = ConfigurationManager.AppSettings["ExchangeUser"];
var password = ConfigurationManager.AppSettings["ExchangePassword"];
var exchangeService = new ExchangeService(ExchangeVersion.Exchange2010_SP2)
{
Credentials = new NetworkCredential(user, password),
};
exchangeService.AutodiscoverUrl(Current.EmaiLuser + "#calamos.com", RedirectionCallback);
exchangeService.Credentials = new NetworkCredential(Current.EmaiLuser + "#calamos.com", Current.UserPassword);
return exchangeService;
I am using a service account to do the autodiscovery ( for some reason it doesn't work with a regular account) and then I am changing the credentials of the service to the user that logs in, so he can access the inbox. The problem is that , randomly, the server returns "The request failed. The remote server returned an error: (401) Unauthorized.".
I asked the IT department to check the Exchange logs, but there is nothing there about this error, so I don't know how to fix it...
So by cloud do you mean Office365 ?
I am using a service account to do the autodiscovery ( for some reason it doesn't work with a regular account)
For the users in the cloud you need to ensure the request are sent to the cloud servers maybe enable tracing https://msdn.microsoft.com/en-us/library/office/dd633676(v=exchg.80).aspx and then have a look at where the failed requests are being routed. From what you are saying your discovery is going to always point to your internal servers which is why the request will fail for the cloud based users. You need to have a way of identifying the users that are in the cloud and I would suggest you then just use the single Office365 Endpoint (eg you don't need Autodiscover for that) https//outlook.office365.com/EWS/Exchange.asmx
I am using PHPMailer (via SMTP) to send out emails via my websites. I am using a windows 2012 server as my mail server which is using Hmailserver. I am using Mailgun to relay my emails.
Things I have done:
I have setup and validated my mailgun settings.
I have tested sending and receiving emails via the server without the relay (works fine).
My dilemma:
At one stage I am going to have to state the relay information, such as the authentication or hostname. So far, i see two place where i can declare this - see below:
1) Specify via PHPMailer script:
$mail->IsSMTP();
$mail->host = "smtp.mailgun.org";
$mail->Username = "username";
$mail->Password = "password";
2) Specify in hmailserver admin (on the server):
http://puu.sh/cJLpk/c3d548981c.png
Which way do I do this if I want to relay all my emails?
Using your local mail server (hmailserver) as a relay will be faster (at least for your client scripts) and much more reliable. It should be configured to point at mailgun, as in your screen shot. Mailgun should provide you with credentials that you can use for authenticating the relay.
When you send with PHPMailer, you should configure it to point at localhost, like this:
$mail->IsSMTP();
$mail->Host = 'localhost';
$mail->Username = "username";
$mail->Password = "password";
(You may not need username and password for your local server). Though it may sound odd, using SMTP to localhost is often faster than calling a local sendmail binary (or using PHP's mail() function).
In your original code you had host instead of Host - PHP is case-senetive for property names, so that would have been failing if that was your real code.
That should be all there is to it.
The only other complication is if hmailserver is also sending messages that are not supposed to go through mailgun, in which case you will need to get further into your hmailserver config.
I had somebody build me a site using PHP and Codeigniter framework.On the test server everything was working properly, but now, once the site is transfered on Justhost, email function doesnt work.At first i tought i didnt used the correct SMTP settings, but they are fine (support took a look).
Basically, owner can put his property on the site (like this:http://goo.gl/AZcrj), and when the visitor fills the contact form on the bottom, email is sent to owners email address, and the he can reply to the visitors email.
First time i used Justhost SMTP settings and tested it, email was sent.But from that point, till now, i always get an error when i try to send message via contact form.I even tried using Gmail SMTP settings, same thing happens :\
Here is the code, does anybody have any clue?
Btw, im a PHP rookie, so i dont know much, but i did my best to explain
public function send_mail($res)
{
$this->load->library('email');
$config['protocol'] = 'smtp';
$config['smtp_host'] = 'sslsmtp.gmail.com'; --- i tried with ssl://smtp.gmail.com, same thing happens
$config['smtp_port'] = '465';
$config['smtp_timeout'] = '7';
$config['smtp_user'] = 'email';
$config['smtp_pass'] = 'password';
$this->email->initialize($config);
$this->email->from($res['sender_email'], $res['sender_name']);
$this->email->to($res['reciever']);
$this->email->reply_to($res['sender_email'], $res['sender_name']);
$this->email->subject('Email from site.');
$this->email->message($res['message']);
if($this->email->send()) {
return true;
} else {
return false;
}
//configure mail agent...
}
It seems Justhost blocks outgoing ports for shared IPs. I was having the same issue and came across this link (https://my.justhost.com/cgi/help/405) while searching for an answer.
From the above link:
Outgoing Ports Are Blocked
Just Host restricts port access as a result of the shared hosting
environment. In this environment, every account on a server shares a
single IP address. As a result, most ports are blocked because no
single account is assigned the IP address for the box.
To gain access to these ports, it is necessary to lease a dedicated IP
address through Just Host.
I am using spring mail to send an email via google's smptp server. I am setting my email templates "From" header but for some reason when I do receive the mail as a sender I get the owner of the smtp account. (which happens to be me again).
MimeMessage message = mailSender.createMimeMessage();
MimeMessageHelper helper = new MimeMessageHelper(message);
helper.setText(forgottenPassowrdMailTemplate.getText()
.replace("%firstName%", token.getUser().getFirstName())
.replace("%lastName%", token.getUser().getLastName())
.replace("%link%", url + token.getToken()), true);
helper.setTo(token.getUser().getEmail());
helper.setFrom(forgottenPassowrdMailTemplate.getFrom());
helper.setSubject(forgottenPassowrdMailTemplate.getSubject());
am I forgetting something ? I a am explicitly setting the "From" header
You are setting a from address that is different from the account's address. There are security measures by Google to avoid abuse, which could be fatal if you could just send with any arbitrary from address via Google's SMTP server. You need to link and verify your other account with the account you want to send the mail with. See here. Your original email address will still be available in the headers and visible to the receipient.
But why don't you just use the other accounts credentials (and mail server, if it is not a Google account)?