E-mail notification problems to Gmail


#1

Hi there,

I am using Duplicati Canary (2.0.2.21_canary_2018-03-06) and all is working well so far. I have been trying to set up e-mail notifications without success however. The Linux server running Duplicati isn’t configured for sending mail, so I’ve tried setting all the parameters directly in Duplicati. I am sending to my Gmail address, using Google’s SMTP servers and my username and password to authenticate.

I’ve tried running the send-email command manually using the Command Line feature - when I try that I get return code 0 and no other messages, but no e-mail is sent.

Command line options for sending e-mail (sanitized for this post naturally) look like:

–send-mail-any-operation=true --send-mail-to="xxx@gmail.com" --send-mail-url=smtps://smtp.gmail.com:465 --send-mail-username="xxx@gmail.com" --send-mail-password=“xxxx”

Does anyone have any ideas on how to debug this? Or thoughts on how to get this working?

Many thanks,

James


Problems sending e-mail reports
#2

I’d suggest adding a “from” address as some SMTP servers treat messages with be sender as junk. Personally I use the same address as the “to” field.

Oh, and with the command line test try adding --verbose=true - that might give you more detail about what’s going on.


#3

Thank you for the suggestions - I added both a from address and tried the verbose flag but no e-mail gets received. I made sure the from address was the same as the to (and a valid address that the GMail account can send from) but to no available. The best I’ve been able to achieve is to send mail to the local postfix server, which then relays it to Gmail. This deposits it in the SPAM folder but I can at least train the SPAM filter to accept these messages.


#4

A workaround is good, but working would be better. :slight_smile:

It may just be the forum doing this, but it looks to me like you have a non-standard dash in your -–send-mail-any-operation=true line - try retyping those two leading dashes so they end up like --send-mail-any-operation=true

You should end up with something like the following with extra info as to what’s going on.

Running commandline entry
Finished!

            
The operation SendMail has started
Starting - Running SendMail
Running SendMail took 0:00:00:00.019
Failed to send email: System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

 => The remote certificate is invalid according to the validation procedure.
Failed to send email: System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

 => The remote certificate is invalid according to the validation procedure.
Return code: 0

Alternatively, you could just follow this (which you probably already know). Try your Command Line feature again but use this (I know, it probably looks like what you’ve already done):

  1. Select command “send-mail”
  2. Remove everything from “Target URL >”
  3. Paste this in Commandline arguments:
    --send-mail-to="xxx@gmail.com"
    –send-mail-url=smtps://smtp.gmail.com:465
    --send-mail-username="xxx@gmail.com"
    –send-mail-password=“xxxx”
    –verbose
    –log-level=profiling
  4. Click “Edit as text” next to “Advanced options” and delete everything in that text box.
  5. Click the `Run “send-mail” command now" button

Lastly, did any of the topics below work for you? I know gmail works because I’m using it on one of my machines. Unfortunately that machine is not on-site so I can’t check my settings but I do recall having to fiddle with using smtps:// or not and adjusting the ports on --send-mail-url to get things working.




#5

I still think the “not-really-a-dash” issue with your first parameter is what’s breaking it for you, but in case I’m wrong here’s what I’m using on one of my machines with gmail:

--send-mail-any-operation="true"
--send-mail-from="Me<Me@MyDomain.com>"
--send-mail-to="Me<Me@MyDomain.com>"
--send-mail-url="smtps://smtp.gmail.com:465?starttls=always"
--send-mail-username="Me@GMail.com"
--send-mail-password="MyGmailPwd"

#6

Thanks for this - sorry for the delay in replying - work kept me away from this for a few days.

It turns out the dash issue was a result of the copy and paste and it is correct in Duplicati. I have checked my settings against the above and am making some progress - in fact I have it working on my Raspberry Pi with Gmail!

However less luck on the Ubuntu (Intel) servers - I have the same configuration you listed above which is working on the Raspberry Pi, but on the Intel boxes I see the following results:

Failed to send email: System.IO.IOException: The authentication or decryption has failed.
--> System.IO.IOException: The authentication or decryption has failed.
--> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server.
 => The authentication or decryption has failed.
 Failed to send email: System.IO.IOException: The authentication or decryption has failed.
--> System.IO.IOException: The authentication or decryption has failed.
--> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server.
 => The authentication or decryption has failed.
Return code: 0

Presumably I’ve not set up CA certs correctly for Mono or something similar? Getting closer…


#7

Yep. Now it’s looking like the “normal” Linux certificate issue. :slight_smile:

Do you know if you have the ‘ca-certificates-mono’ package installed?


#8

I was expecting that to be an easy fix and something I had overlooked, but dpkg reports that ca-certificates-mono is installed.

Where should I look next to resolve this?

Thanks for all your help :slight_smile:


#9

Certain versions of mono came with an empty certificate store - perhaps yours is empty or stale?

  • cert-sync /etc/ssl/certs/ca-certificates.crt #for Debian based systems - cert-sync /etc/pki/tls/certs/ca-bundle.crt #for RedHat derivatives

#10

Lots of useful stuff in that link - I’ll go through it in more detail over the weekend. As a quick test, I ran:

cert-sync /etc/ssl/certs/ca-certificates.crt

It reported:

Linux Cert Store Sync - version 4.2.1.0
Synchronize local certs with certs from local Linux trust store.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD licensed.

I already trust 148, your new list has 148
Import process completed.

So initially it looks like no change. I think we’re on the right track - I was just expecting something really obvious (like a missing package) but perhaps this is will a bit more in-depth.


#11

Ok progress - I now have it working on my Ubuntu 16 host. I had to perform the following commands to manually import the SSL intermediate certs:

apt install mono-devel
mozroots --import --ask-remove --machine
certmgr -ssl -m smtps://smtp.gmail.com:465

I had tried the mozroots command by itself but this didn’t fix the issue - it was running the certmgr command that fixed the issue.

If this is the accepted fix then that’s fine - however just wanted to ask - is this expected or had I failed to perform something that lead up to this as an issue. The reason I ask is that I had with working on Raspbian 9 first without having to perform any of this, so I wonder if I missed something fundamental when I installed mono on my U16 boxes?

Thanks for all your help!


#12

It’s not expected, but it’s not exactly unheard of either.

Unfortunately, Duplicati relies on mono when running in MacOS and Linux environments - and depending on the mono installation (as well as what else has been installed on the machine) it may or may not have up-to-date (or any) certificates.

Ideally we should probably look at something like getting Duplicati to somehow figure out if the certs are stale (or missing) and let the user know, but that’s not something I know how to do (or if it’s even possible).


#13

A post was split to a new topic: Notification overload


#14

Thanks for all your help! It’s been ages since I’ve touched .NET, and I can’t really say I know how my early .NET experience relates to mono. If I get some time I’ll have a look and see if I can find out anything to help. In the meantime the problem is solved.

Thank you again :slight_smile: I am loving Duplicati and the community here.


#15

I already had problems with Gmail with several solutions of the type, for that reason I created a yahoo email that works perfectly with sendemail, duplicati, among other programs of the type that are considered insecure by Google.


#16

Gmail is a free provide us with email service. From this, we can send and receive an email from others. If you are getting any email notification problem to Gmail then you can visit in its setting option to remove this error. If you are want to create an email account in Fairpoint and getting some errors then visit this link Fairpoint Tech Support to know how to create an email account on Fairpoint.