Email sending settings

We have tested the functionality for sending email, however, we have not been able to receive the emails in the inbox of the specified account. Are there any settings that we are skipping?

Yes, this requires your own mail server configuration. So it depends on what mail service / SMTP server you use. If you let me know what you email service you want to use, I can help you set up your configuration.

For example, I use SendGrid in my local development environment and this is what my configuration looks like.

grails.mail.enabled=true
grails.mail.debug=true
grails.mail.host=smtp.sendgrid.net
grails.mail.port=587
grails.mail.username=apikey
grails.mail.password=<password>
grails.mail.from=info@openboxes.com

NOTE: SendGrid actually uses “apikey” as the username. That’s not a placeholder for some API key they provide. This took me a few minutes to realize when I was setting this up so I wanted to mention that.

1 Like

Hello Justin.
As you indicate, it was necessary to work a little to solve the issue of sending emails from Openboxes using a Gmail account. I must clarify that it was not my job, the credit goes to my partner Juan. He resolved this issue and wants to share with you and the community how the adjustments were made.
If you or someone needs more details about it, contact me, I don’t know either, but I have the phone number of someone who does know, he is Juan Luna. XD
Using a transactional email service (gmail).docx (208.3 KB)

1 Like

Thanks so much for posting the information here. I’ll work on adding it to the Configuration documentation.

Hello, I saw the document.
I was looking for this in tomcat:
“ grails-app/services/org/pih/warehouse/core/MailService.groovy”
However, I found later that is in the source code.
I am not a programmer, so I don’t really know how to compile after making the changes and what branch to use from Github.
Also I want to be able to upgrade later without makes those changes.
Is it possible that this be include in the next version of the app?

Thank you.
RP

Hey RP

Could you explain why you want to edit the code? I can’t tell if you’re just looking to make a configuration change (which won’t require a code change) or whether you actually have a need to change the code.

Justin

Hello @jmiranda ,

I want to be able to send notification emails using gmail.
So far, that has not been possible for me.
I found this post with the document posted by @vmillan but I couldn’t find the MailService.groovy file in my installation.
I am guessing that file is in the source code before compiling the WAR.
If not, please help me how can I use gmail as my smtp with OpenBoxes.

Thank you
RP

I found this post with the document posted by @vmillan but I couldn’t find the MailService.groovy file in my installation.

Ah, sorry I didn’t realize that @vmillan needed to make code changes to make it work. I actually think we can configure everything without needing a code change.

(1) For the first issue they ran into

But following this documentation, the problem is presented that the grails.mail.props attribute is not read as an attribute array but as a complete string, which is why the property was changed as follows

You can set the Gmail properties in openboxes-config.groovy instead of openboxes-config.properties. Victor was right that the settings in .properties are treated as strings. That’s why we use the .groovy file for more advanced settings like this.

grails {
    mail {
        enabled = true
        debug = true
        host = "smtp.gmail.com"
        port = 587
        username = "your.email@gmail.com"
        password = "Google App Password"
        from = "from@email.com"
        props = ["mail.smtp.auth":"true", "mail.smtp.starttls.enable":"true", "mail.smtp.port":"587"]
    }
}

(2) For the second issue

Once this change is made. There is a problem with the secure socket communication protocol, since the java 7 Zulu version (Required according to the Ubuntu configuration manual), has the TLSv1.2 protocol restricted.

I don’t think I’ve encountered that issue myself. But I will say that locally I set the following environment variable.

export JAVA_TOOL_OPTIONS="-Dhttps.protocols=TLSv1.2"

I believe this was set to deal with some issues I was having calling APIs over HTTPS or something with IntelliJ IDEA. I don’t remember. But it’s better to set these properties as command line arguments, rather than hard-coding the values in your code.

Don’t set anything to start with. But if you encounter an issue after testing email sending with your Gmail settings, perhaps just add these two variables to your environment. You might need to figure out which varilable to use, but JAVA_OPTS is the most common.

export JAVA_OPTS="$JAVA_OPTS -Dhttps.protocols=TLSv1.2 -Dmail.smtp.ssl.protocols=TLSv1.2"

(3) And lastly

Additionally, in the particular case of Gmail, it is required to configure the account to be used for sending emails and thus allow the connection of less secure applications.

The password you normally use to log into your is not allowed here. Instead, you’ll need to create a Google App Password. See the following article for more information.
https://support.google.com/accounts/answer/185833

You can access your App Passwords using the following link
https://myaccount.google.com/apppasswords

Just create a new app password and copy the generated value into the password property in the openboxes-config.groovy

grails {
    mail {
        enabled = true
        debug = true
        host = "smtp.gmail.com"
        port = 587
        username = "your.email@gmail.com"
        password = "Google App Password"
        from = "from@email.com"
        props = ["mail.smtp.auth":"true", "mail.smtp.starttls.enable":"true", "mail.smtp.port":"587"]
    }
}

Hello @jmiranda Thank you very much for replying and following up with me.
After your instructions, I have added a new file named openboxes-configuration.groovy inside my tomcat folder:

/opt/tomcat/.grails/openboxes-configuration.groovy

And I added the code from your post to that file. However, it is still not working for me.
I also removed the options from the file openboxes-configuration.properties

When I try to test the email option inside the software to send a test email I receive the following error:

Unable to send email due to error: Sending the email to the following server failed : smtp.gmail.com:587

Please let me know if I added the file in the correct folder, otherwise please tell me where should I create that file in?

Thank you,
RP

Check the log file (/opt/tomcat/logs/catalina.out) to see if there’s a better description of what’s happening. Post the stacktrace from the log file here.

Hello @jmiranda, I can see the error is something related with TLS:

ERROR core.MailService  - Error sending plaintext email message with subject Test email to ...
org.apache.commons.mail.EmailException: Sending the email to the following server failed : smtp.gmail.com:587

Caused by: javax.mail.MessagingException: Could not convert socket to TLS;
  nested exception is:
        javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
        at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1918)
        at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:652)
        at javax.mail.Service.connect(Service.java:317)
        at javax.mail.Service.connect(Service.java:176)
        at javax.mail.Service.connect(Service.java:125)
        at javax.mail.Transport.send0(Transport.java:194)
        at javax.mail.Transport.send(Transport.java:124)
        at org.apache.commons.mail.Email.sendMimeMessage(Email.java:1388)
        ... 147 more
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
        at sun.security.ssl.Handshaker.activate(Handshaker.java:482)
        at sun.security.ssl.SSLSocketImpl.kickstartHandshake(SSLSocketImpl.java:1429)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1302)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1350)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1334)
        at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:548)
        at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:485)
        at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1913)
        ... 154 more

I can send you the entire log file if you need to see more information.

Thank you
RP

So I assume this is the SSL issue that @vmillan encountered. I have not seen this error myself, but I imagine that adding the following command line argument to the JAVA_OPTS variable would resolve the issue.

-Dmail.smtp.ssl.protocols=TLSv1.2

Refer to the documentation about creating a service on Ubuntu.
https://docs.openboxes.com/en/latest/installation/ubuntu1804/tomcat/

You just need to replace this line

Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom

with this line

Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom -Dmail.smtp.ssl.protocols=TLSv1.2

If that doesn’t work it’s probably because we’re not explicitly adding that variable to the mail properties during initialization of the mail service. If that’s necessary then that might require a code (which we can try to do over the next week or so).

An alternative (arguably better) solution would be to use a SMTP service like MailGun, SendGrid, Postmark, Amazon SES, etc. Amazon SES is probaly going to be the cheapest, but I use MailGun and SendGrid on different projects and I’m happy with both.

Hello @jmiranda,

Same error after the changes in the tomcat service:

2021-11-02 15:43:27,895 [http-bio-8080-exec-10] ERROR core.MailService - Error sending plaintext email message with subject Test email to [email@gmail.com]
org.apache.commons.mail.EmailException: Sending the email to the following server failed : smtp.gmail.com:587

Caused by: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1918)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:652)
at javax.mail.Service.connect(Service.java:317)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
at javax.mail.Transport.send(Transport.java:124)
at org.apache.commons.mail.Email.sendMimeMessage(Email.java:1388)
… 164 more
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at sun.security.ssl.Handshaker.activate(Handshaker.java:482)
at sun.security.ssl.SSLSocketImpl.kickstartHandshake(SSLSocketImpl.java:1429)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1302)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1350)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1334)
at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:548)
at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:485)
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1913)
… 171 more

I’ll try the Amazon SES. We can use it not only for OpenBoxes but for other software we need also email notifications.
By the way, do you use dedicated IP with your sendgrid and mailgun?

Thank you for your efforts,
RP

One more thing to try would be to update your openboxes-config.groovy file to include the SSL protocols config.

grails { 
    mail { 
        enabled = true
        debug = true
        host = "smtp.gmail.com"
        port = 587
        username = "justin.miranda@gmail.com"
        password = "<yourpassword>" 
        from = "info@openboxes.com"
        props = [
            "mail.smtp.auth":"true", 
            "mail.smtp.starttls.enable":"true", 
            "mail.smtp.port":"587", 
            // Additional properties you can try to resolve the SSL handshake issue
            "mail.smtp.ssl.protocols": "TLSv1.2",
            "mail.smtp.ssl.trust":"smtp.gmail.com",
            "mail.smtp.starttls.required":"true"
        ]
    }
}

Note that this might be an issue with the OS and not with Java / OpenBoxes. You can test whether you can send an email through smtp.gmail.com using your settings. Get it working through cURL first, then you can test whether it works with OpenBoxes.

$ curl smtp://smtp.gmail.com:587/ -vvv --mail-from "your.account@gmail.com" --mail-rcpt "your.account@gmail.com" --ssl -u your.account@gmail.com:yourpassword
*   Trying 74.125.132.109...
* TCP_NODELAY set
* Connected to smtp.gmail.com (74.125.132.109) port 587 (#0)
< 220 smtp.gmail.com ESMTP u4sm10214643ilv.39 - gsmtp
> EHLO jmiranda-ThinkPad-W540
< 250-smtp.gmail.com at your service, [65.29.169.164]
< 250-SIZE 35882577
< 250-8BITMIME
< 250-STARTTLS
< 250-ENHANCEDSTATUSCODES
< 250-PIPELINING
< 250-CHUNKING
< 250 SMTPUTF8
> STARTTLS
< 220 2.0.0 Ready to start TLS
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Unknown (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Client hello (1):
* TLSv1.3 (OUT), TLS Unknown, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* Server certificate:
*  subject: CN=smtp.gmail.com
*  start date: Oct  4 02:13:43 2021 GMT
*  expire date: Dec 27 02:13:42 2021 GMT
*  subjectAltName: host "smtp.gmail.com" matched cert's "smtp.gmail.com"
*  issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1C3
*  SSL certificate verify ok.
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> EHLO jmiranda-ThinkPad-W540
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< 250-smtp.gmail.com at your service, [65.29.169.164]
< 250-SIZE 35882577
< 250-8BITMIME
< 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
< 250-ENHANCEDSTATUSCODES
< 250-PIPELINING
< 250-CHUNKING
< 250 SMTPUTF8
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> AUTH LOGIN
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< 334 ***********************
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> ***********************************
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< 334 *********************
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> ***********************************
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< 235 2.7.0 Accepted
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> VRFY justin.miranda@gmail.com
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< 252 2.1.5 Send some mail, I'll try my best u4sm10214643ilv.39 - gsmtp
252 2.1.5 Send some mail, I'll try my best u4sm10214643ilv.39 - gsmtp
* Connection #0 to host smtp.gmail.com left intact