I need this for documentcapture, but I'm unable to locate this information.
From the Microsoft Support Document: POP and IMAP settings for Outlook Office 365 for business
Incoming Mail (IMAP) Server:
Host: outlook.office365.com
Port: 993
Requires SSL (TLS): Yes
Incoming Mail (POP) Server:
Host: outlook.office365.com
Port: 995
Requires SSL (TLS): Yes
Outgoing Mail (SMTP) Server:
Host: smtp.office365.com
Port: 587
Requires SSL (TLS): Yes
Related
I want to send mail as a reminder in Admin Server
But get this error:
com.sun.mail.util.MailConnectException: Couldn't connect to host, port: smtp.gmail.com, 587; timeout 20000
...
I have searched a lot online but still don't work
My Admin Server Application YAML configuration file:
spring:
security:
user:
name: admin
password: 123456
boot:
admin:
notify:
mail:
enabled: true
# receivers
to: xxx#outlook.com
ignore-changes: {"UNKNOWN:UP"}
# copy-to list
cc:
from: Spring Boot Admin<xxx#gmail.com>
# mail sender
mail:
host: smtp.gmail.com
port: 587
username: xxx#gmail.com
# with 2-factor authentication, we should get app password from Google
password: my-app-password
default-encoding: UTF-8
properties:
mail:
smtp:
connectiontimeout: 20000
timeout: 20000
writetimeout: 20000
starttls:
enable: true
required: true
auth: true
ssl:
enable: true
required: true
debug: true
server:
port: 8081
I config the settings with the help of this instruction
btw, 2-factor authentication is enabled with my Google account, so I followed this instruction to get my "app password"
But after I start my Admin Server application, and wait 20 second, the error appears
I have tried change port to 465, not working
I have tried spring.mail.properties.mail.smtp.socketFactory.port and configure it to 465, not working
I'm using Windows 11 and windows firewall has no Outbound rule against java, java platform, intelliJ idea, there're Inbound rules that block java and java(TM) platform, not working
With my config above, Admin Server should send a mail to xxx#outlook.com from xxx#gmail.com.
I thought with HAProxy 2.4 supporting WebSockets over h2, I would finally be able to get websockets over HAProxy to work... But no...
When my browser tries to connect, it instantly gives up on the "connect?transport=webSockets" and tries SSE. This "connect" also is instantly abandoned and yet it "start?transport=SSE" just fine.
Logging in HAProxy says it never even got the requests for connect.
Nov 17 17:10:19 127.0.0.1 haproxy[26334]: 192.168.126.78:1228 [17/Nov/2021:17:10:18.520] www-httpsStrict~ test_backend/werdc2020 557/0/0/2/558 200 704 - - --VN 2/1/0/0/0 0/0 "GET https://myserver.com/signalr/negotiate?clientProtocol=2.1&connectionData=%5B%7B%22name%22%3A%22testservice%22%7D%5D&_=1637143818090 HTTP/2.0"
Nov 17 17:10:19 127.0.0.1 haproxy[26334]: 192.168.126.78:1228 [17/Nov/2021:17:10:19.075] www-httpsStrict~ test_backend/werdc2020 52/0/0/1/52 404 1392 - - --VN 2/1/0/0/0 0/0 "GET https://myserver.com/favicon.ico HTTP/2.0"
Nov 17 17:10:19 127.0.0.1 haproxy[26334]: 192.168.126.78:1228 [17/Nov/2021:17:10:19.279] www-httpsStrict~ test_backend/werdc2020 96/0/0/7/103 200 339 - - --VN 3/2/1/1/0 0/0 "GET https://myserver.com/signalr/start?transport=serverSentEvents&clientProtocol=2.1&connectionToken=%2FZ99uK3N88wIyXYxQlQc4w42M3jcf0Tz6tbLcm7CXhOcTgTu7qgbfsMxn9l6GNP%2FML39o%2BabOZ4GSQDgAxo7oYXIacee8Ku2Nd1QXvWRalisPY%2BTIgddfJsWdE828LaH&connectionData=%5B%7B%22name%22%3A%22testservice%22%7D%5D&_=1637143818091 HTTP/2.0"
Nov 17 17:10:19 127.0.0.1 haproxy[26334]: 192.168.126.78:1228 [17/Nov/2021:17:10:19.375] www-httpsStrict~ test_backend/werdc2020 65/0/0/20/84 200 348 - - --VN 3/2/1/1/0 0/0 "POST https://myserver.com/signalr/send?transport=serverSentEvents&clientProtocol=2.1&connectionToken=%2FZ99uK3N88wIyXYxQlQc4w42M3jcf0Tz6tbLcm7CXhOcTgTu7qgbfsMxn9l6GNP%2FML39o%2BabOZ4GSQDgAxo7oYXIacee8Ku2Nd1QXvWRalisPY%2BTIgddfJsWdE828LaH&connectionData=%5B%7B%22name%22%3A%22testservice%22%7D%5D HTTP/2.0"
If I connect directly on the server it works just fine...
HAProxy config:
global
log 127.0.0.1 local0 debug
log-tag haproxy
maxconn 10000
user haproxy
group haproxy
daemon
nbproc 1
nbthread 8
#cpu-map auto:all 0-1
stats socket /var/run/haproxy.sock mode 600 level admin
stats timeout 30s
pidfile /var/run/haproxy.pid
tune.ssl.default-dh-param 2048
tune.ssl.cachesize 100000
tune.ssl.lifetime 600
tune.ssl.maxrecord 1460
# intermediate configuration
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!MD5:!aNULL:!DH:!RC4
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5s
timeout client 1m
timeout client-fin 1m
timeout server 1h
timeout tunnel 1h
frontend stats
bind 0.0.0.0:8080
mode http
stats enable
stats hide-version
stats realm Haproxy\ Statistics
stats uri /
stats auth myuser:1111
stats refresh 60s
# Force front server MUST use redirect on HTTPS
frontend www-httpStrict
bind *:80
option splice-auto
# Test URI to see if its a letsencrypt request
acl letsencrypt-acl path_beg /.well-known
acl test hdr_sub(cookie) istest=true
redirect scheme https code 307 if !{ ssl_fc } !letsencrypt-acl
use_backend letsencrypt if letsencrypt-acl
use_backend test_backend if test
default_backend www-backendStrict
frontend www-httpsStrict
bind *:443 tfo ssl crt /etc/ssl/private alpn h2,http/1.1
option forwardfor
option splice-auto
acl test hdr_sub(cookie) istest=true
use_backend test_backend if test
default_backend www-backendStrict
backend letsencrypt
server nginx 127.0.0.1:8888
# this backend require haproxy open SSL tunel to port 443 on webservers
backend www-backendStrict
balance roundrobin
cookie MyWebFarm insert
option forwardfor
option splice-auto
option tcp-smart-connect
option httpchk
http-check connect ssl alpn h2 sni myserver.com
http-check send meth HEAD uri /login.aspx ver HTTP/2 hdr Host myserver.com
http-check expect status 200-399
http-request add-header X-Forwarded-Proto https if { ssl_fc }
retry-on all-retryable-errors
http-request disable-l7-retry if METH_POST
default-server ssl tfo verify none alpn h2,http/1.1 check allow-0rtt
server werdc01 192.168.1.5:443 cookie werc01 check
server werdc2020 192.168.1.6:443 cookie werdc2020 check
backend test_backend
balance roundrobin
cookie MyWebFarm insert
option forwardfor
option splice-auto
option tcp-smart-connect
option httpchk
http-check connect ssl alpn h2 sni myserver.com
http-check send meth HEAD uri /login.aspx ver HTTP/2 hdr Host myserver.com
http-check expect status 200-399
http-request add-header X-Forwarded-Proto https if { ssl_fc }
retry-on all-retryable-errors
http-request disable-l7-retry if METH_POST
default-server ssl verify none alpn h2,http/1.1 check allow-0rtt
server werdc2020 192.168.1.6:443 cookie werdc2020 check
I have the istest cookie set to always hit the test_backend...
Headers sent from browser:
GET /signalr/connect?transport=webSockets&clientProtocol=2.1&connectionToken=%2FZ99uK3N88wIyXYxQlQc4w42M3jcf0Tz6tbLcm7CXhOcTgTu7qgbfsMxn9l6GNP%2FML39o%2BabOZ4GSQDgAxo7oYXIacee8Ku2Nd1QXvWRalisPY%2BTIgddfJsWdE828LaH&connectionData=%5B%7B%22name%22%3A%22catiservice%22%7D%5D&tid=7 undefined
Host: myserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://myserver.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P1GaqaLxIxBfuXDCtxuQwg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: _ga=GA1.2.95033637.1627965955; .MyAuth=D758016C45CF1B9BDC38D17DCAF7A3CEE7E528B97352267A1B0D019BFE20964BF2900C655950E126CD7FC08CB421C1A997D1A5FDB0266316B920634FB2C23B63080B271B6331096902B47BF73661240D; MyWebFarm=werdc2020; ASP.NET_SessionId=w1zibnnuht4ohicpntyhn55q; istest=true
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
TE: trailers
Why doesn't HAProxy see the "connect" requests?
Why doesn't it connect with WebSockets?
There is a github issue on this: https://github.com/haproxy/haproxy/issues/162
Although your question isn't very insightful, I'd recommend to strip down your config to the bare minimum to test websocket.
Here's a snippet to consider
option http-server-close
option http-use-htx
acl hdr_connection_upgrade hdr(Connection) -i upgrade
acl hdr_upgrade_websocket hdr(Upgrade) -i websocket
Why doesn't HAProxy see the "connect" requests?
I suppose, just because the CONNECT has not been successful. If you'd use tcpdump you pretty sure would see a request incoming.
Using the explanation from #sgohl this config works (at least until 2.5 fixes the issue):
global
log 127.0.0.1 local0 debug
log-tag haproxy
maxconn 10000
user haproxy
group haproxy
daemon
nbproc 1
nbthread 8
#cpu-map auto:all 0-1
stats socket /var/run/haproxy.sock mode 600 level admin
stats timeout 30s
pidfile /var/run/haproxy.pid
tune.ssl.default-dh-param 2048
tune.ssl.cachesize 100000
tune.ssl.lifetime 600
tune.ssl.maxrecord 1460
# intermediate configuration
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:!MD5:!aNULL:!DH:!RC4
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
defaults all
log global
mode http
option httplog
option dontlognull
timeout connect 5s
timeout client 1m
timeout client-fin 1m
timeout server 1h
timeout tunnel 4h
option splice-auto
option tcp-smart-connect
balance roundrobin
option forwardfor
retry-on all-retryable-errors
frontend stats from all
bind *:8080
stats enable
stats hide-version
stats realm Haproxy\ Statistics
stats uri /
stats auth Myuser:11111
stats refresh 60s
listen www from all
bind *:80
bind *:443 tfo ssl crt /etc/ssl/private alpn h2,http/1.1 allow-0rtt
# Test URI to see if its a letsencrypt request
acs letsencrypt path_beg /.well-known
http-request redirect scheme https unless { ssl_fc } or letsencrypt
use_backend letsencrypt if letsencrypt
http-response set-header Strict-Transport-Security "max-age=10886400; includeSubDomains; preload;"
use_backend ws if { hdr(Connection) -i upgrade } or { hdr(Upgrade) -i websocket }
default_backend h2
backend letsencrypt
server letsencrypt 127.0.0.1:8888
defaults cg from all
cookie MyWebFarm insert
option httpchk
http-check connect ssl alpn h2 sni myserver.com
http-check send meth HEAD uri /login.aspx ver HTTP/2 hdr Host myserver.com
http-check expect status 200-399
backend h2 from cg
default-server ssl tfo verify none alpn h2 check allow-0rtt
http-request disable-l7-retry if METH_POST
use-server werdc2020 if { hdr_sub(cookie) istest=true }
server werdc01 192.168.1.5:443 cookie werc01
server werdc2020 192.168.1.6:443 cookie werdc2020
backend ws from cg
default-server ssl tfo verify none alpn http/1.1 check allow-0rtt
http-request disable-l7-retry if METH_POST
use-server werdc2020 if { hdr_sub(cookie) istest=true }
server werdc01 192.168.1.5:443 cookie werc01
server werdc2020 192.168.1.6:443 cookie werdc2020
I'm trying to connect to internet services (specifically Facebook API) from an internal application, and for that I have to go through one of two proxies provided by the security team. If I use one of these proxies with CURL then it works OK:
export http_proxy=http://<user>:<pass>#<proxy_ip>:<port>/
export https_proxy=http://<user>:<pass>#<proxy_ip>:<port>/
curl -v -I https://graph.facebook.com/v7.0/me/messages
* About to connect() to proxy <proxy_ip> port <port> (#0)
* Trying <proxy_ip>...
* Connected to <proxy_ip> (<proxy_ip>) port <port> (#0)
* Establish HTTP proxy tunnel to graph.facebook.com:443
* Proxy auth using Basic with user '<user>'
> CONNECT graph.facebook.com:443 HTTP/1.1
> Host: graph.facebook.com:443
> Proxy-Authorization: Basic <base64>
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=*.facebook.com,O="Facebook, Inc.",L=Menlo Park,ST=California,C=US
* start date: May 14 00:00:00 2020 GMT
* expire date: Aug 05 12:00:00 2020 GMT
* common name: *.facebook.com
* issuer: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
> HEAD /v7.0/me/messages HTTP/1.1
> User-Agent: curl/7.29.0
> Host: graph.facebook.com
> Accept: */*
>
< HTTP/1.1 400 Bad Request
HTTP/1.1 400 Bad Request
< WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "An active access token must be used to query information about the current user."
Facebook replied with HTTP 400 Bad Request but it doesn't matter now, I'm just trying to see that it reaches Facebook correctly, which it does.
Now, thing is, security team provided two proxies, and I should use them in failover mode, meaning after a (preferably configurable) number of timeouts from proxy 1, I should switch to proxy 2. Before I implement this feature in my application, I wanted to see if I can configure HAProxy to handle all this for me (as I'm already using HAProxy on this same server for inbound direction from Facebook, through another proxy).
So, this is my HAProxy configuration:
global
log 127.0.0.1 local2 debug
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
stats socket /etc/haproxy/haproxysock level admin
defaults
log global
option httplog
mode http
timeout connect 5000
timeout client 50000
timeout server 50000
# Incoming messages from Facebook
frontend chatbot_front
bind *:8773 ssl crt /etc/haproxy/haproxy.cer
use_backend chatbot_back
backend chatbot_back
balance roundrobin
server chatbot1 <chatbot_ip1>:<chatbot_port1> check ssl verify none
server chatbot2 <chatbot_ip2>:<chatbot_port2> check ssl verify none
# Outbound messages to Facebook through another proxy
frontend serverproxy_front
bind *:8775 ssl crt /etc/haproxy/haproxy.cer
use_backend serverproxy_back
backend serverproxy_back
balance roundrobin
option httpclose
option forwardfor header X-Client
cookie SERVERID insert indirect nocache
http-request set-header Proxy-Authorization "Basic <base64>"
server serverproxy1 <proxy_ip1>:<port1> check
server serverproxy2 <proxy_ip2>:<port2> check
listen stats
bind *:8774 ssl crt /etc/haproxy/haproxy.cer
mode http
maxconn 5
stats enable
stats refresh 10s
stats realm Haproxy\ Statistics
stats uri /stats
stats auth <user>:<password>
The relevant config is the frontend serverproxy_front and the backend serverproxy_back settings above. I tried to look into tutorials on how to set up HAProxy as forward proxy, and this is what I got. But when I try to use it, it doesn't work:
export http_proxy=http://127.0.0.1:8775
export https_proxy=http://127.0.0.1:8775
curl -v -I https://graph.facebook.com/v7.0/me/messages
* About to connect() to proxy <local_ip> port 8775 (#0)
* Trying <local_ip>...
* Connected to <local_ip> (<local_ip>) port 8775 (#0)
* Establish HTTP proxy tunnel to graph.facebook.com:443
> CONNECT graph.facebook.com:443 HTTP/1.1
> Host: graph.facebook.com:443
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
>
* Proxy CONNECT aborted
* Connection #0 to host <local_ip> left intact
curl: (56) Proxy CONNECT aborted
What am I missing here?
EDIT: fixed typo
I found it. It is an embarrassingly basic issue: the 8775 port on the haproxy was configured as "https", but I was using it as simple "http" for proxy URL...
Changing config to:
frontend serverproxy_front
# bind *:8775 ssl crt /etc/haproxy/haproxy.cer
bind *:8775
And restarting haproxy, it works successfully.
I have the following configuration of the mail account of my company in develop, which goes perfectly:
mail:
host: smtp.xxx.es
port: 587
username: notifications-noreply#xxx.es
password: xxxx
protocol: smtp
#tls: true
properties.mail.smtp:
auth: true
from: notifications-noreply#xxx.es
starttls.enable: true
ssl.trust: smtp.xxx.es
I copy de same data from "application-dev.yml" to "application-prod.yml".
I make the deployment in Google Cloud.
It does not send me mails and the logs tells me the following:
: Email could not be sent to user 'joseluis.xxx#xxx.com': Mail server connection failed; nested exception is com.sun.mail.util.MailConnectException: Couldn't connect to host, port: smtp.xxx.es, 587; timeout -1;
nested exception is:
java.net.ConnectException: Operation timed out (Connection timed out). Failed messages: com.sun.mail.util.MailConnectException: Couldn't connect to host, port: smtp.xxx.es, 587; timeout -1;
nested exception is:
java.net.ConnectException: Operation timed out (Connection timed out)
Can somebody help me?
As described in the Google Cloud documentation you can't send e-mail from your Google Cloud VM using port 587. So this has nothing to do with JHipster, it's a limitation from your cloud provider.
I personally use Mailgun, which uses port 2525 (which is allowed by Google Cloud), here is my configuration for https://start.jhipster.tech (a JHipster application that runs on Google Cloud):
spring:
mail:
host: smtp.mailgun.org
port: 2525
username: xxxxx#mg.jhipster.tech
password: xxxxx
As Mailgun provides a generious free tier you can test this for free - in fact I use it in production and haven't paid anything yet!
I have the next settings in the Joomla Global Configuration panel.
**Mail Settings**
Mailer: SMTP Server
Mail from: email#mydomain.com
From Name: John Smith
Sendmail Path:
SMTP Authentication: Yes
SMTP Security: SSL
SMTP Port: 465
SMTP Username: email#mydomain.com
SMTP Password: ******
SMTP Host: gmail-smtp-in.l.google.com
I am running Joomla 1.5.14.
I have in my google apps domain both IMAP and POP enabled.
When I try to send an email with an article link by clicking the small envelope icon I get the next feedback. "The e-mail cold not be send correctly". The SMTP validation seems to work because I do not get any SMTP error but the email is not sent. Any idea would be really appreciated!
I have tested with SMTP Host as smtp.gmail.com without success.
I have tried with sendmail defined as /usr/sbin/postfix but without success.
Solution
Set sendmail path to the sendmail command or point sendmail to postfix if you have postfix installed.
Set SMTP Host to smtp.gmail.com. I would look like:
**Mail Settings**
Mailer: SMTP Server
Mail from: email#mydomain.com
From Name: John Smith
Sendmail Path: /usr/sbin/sendmail
SMTP Authentication: Yes
SMTP Security: SSL
SMTP Port: 465
SMTP Username: email#mydomain.com
SMTP Password: ******
SMTP Host: smtp.gmail.com
Mail Settings
Mailer: SMTP Server Mail from: emailmydomain.com
From Name: John Smith
Sendmail Path: /usr/sbin/sendmail
SMTP Authentication: Yes
SMTP Security: None
SMTP Port: 25
SMTP Username: emailmydomain.com
SMTP Password: **
SMTP Host: ssl://smtp.gmail.com:465
I have Virtuemart 1.1.4 with Joomla! 1.5.15.
The configuration that works for me was (both for virtuemart and joomla contacts):
Mail Settings
Mailer: SMTP Server
Mail from: email#mydomain.com
From Name: John Smith
Sendmail Path: /usr/sbin/sendmail
SMTP Authentication: Yes
SMTP Security: None
SMTP Port: 25
SMTP Username: email#mydomain.com
SMTP Password: ******
SMTP Host: ssl://smtp.gmail.com:465