Email sends sometimes

I am completely mystified…

Been running Duplicati - 2.0.3.3_beta_2018-04-02 on Win 10 for a few months.
Back in August when I was first playing with installation, I tried email notifications with generic IMAP email and they worked. I changed some things like switching to running as a service and then changed back, played with different retention settings, etc etc.
When I was finally happy with the setup, I could not get mail notification to work.
Not a huge issue and I got distracted with other things.

Suddenly, about 2 weeks ago, I started receiving emails from my main system, regular as clockwork. Every backup that ran sent an email. Then just as suddenly, a couple of days ago they stopped. So now I’m really curious…

If I run the send-mail command from the GUI command line I get
Finished!
Return code: 0

But no mail is received

My commands copied (&redacted) from the GUI text view are:
–send-mail-url=smtps://secureserver.myhost.com:465
–send-mail-any-operation=true
–send-mail-subject=Duplicati %PARSEDRESULT%, %OPERATIONNAME% report for %backup-name%
--send-mail-to=me@myemail.com
--send-mail-username=backups@myemail.com
–send-mail-password=password
–send-mail-from=My Computer backups@myemail.com
–send-mail-body=%RESULT%

I have not changed anything in Duplicati since August. The mail server is used every day for multiple other addresses and the backups@myemail.com address / credentials given to Duplicati work just fine.

I also tried running the command line like:
Duplicati.CommandLine.exe send-mail --send-mail-url=smtps://secureserver.myhost.com:465 --send-mail-any-operation=true --send-mail-subject=Duplicati --send-mail-to=me@myemail.com --send-mail-username=backups@myemail.com --send-mail-password=password --send-mail-from=backups@myemail.com

No messages and no email received

Thoughts?

Seeing the interaction with the email server would help. Here’s an example of what that might look like. While live log at Profiling level is easy, it tends to run lines together, so prettier output would use –log-level=Profiling either for web UI Commandline output, or using –log-file to make a file. Profiling can generate a lot from a big backup…

This is pretty unlikely but are you maybe using a not-real (or non-@myemail.com) From address?

Some systems may consider non-existent email addresses or email domains not authorized to send through your outgoing server as Spam and, depending on DMARC sp (policy) settings, might drop them (or deliver them to you but flagged as Spam).

Assuming you can get connected and authenticated to the mail server, the log should have error codes and maybe some helpful messages (if the server sent them). Here’s a sample document on interpreting findings:

Understanding SMTP Error Codes

As a reply to…

I think I know what you mean but the from/sending address is a real address at one of my domains.

Anyway, I added –log-level=Profiling and directed the results to a text file.

Using the GUI command line method and the original –send-mail-url=smtps://secureserver.myhost.com:465, I get on screen and in the file:
Warning: Failed to send email: System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

Decided to try unsecured mail sending using:
smtp://mail.MyDomain.com:587?starttls=never

That works though does not explain why the mail started being sent and then stopped being sent without any changes being made.

I tried:
smtp://secureserver.myhost.com:465?starttls=when-available
The result was:

Failed to send email: System.IO.IOException: Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. --> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond => Unable to read data from the transport connection:
Return code: 0

So it seems to be some sort of a SSL/TLS issue but I honestly don’t get it…

Is this your own mail server? If not, you don’t know changes, and time always changes (certificates expire). If this is a big public system, your server may vary. If an internal server, can you ask an administrator for help? Someone set up the remote end, and your end apparently doesn’t like what it sees. Too bad it’s so vague…

One way to at least eye the certificate is to connect to that port with Internet Explorer, which allows odd ports.

Your second error isn’t as clearly a certificate problem. Are you sure your connectivity to that server is solid?

True enough, it’s shared and the SSL certificates for the email side of things are not mine but afaik, they run for at least a year but may actually be multiple years which would not seem to account for the 2-week blip where it worked.

This address is associated with one of my domains hosted at Inmotion Hosting, a pretty standard web hosting provider but indeed, I have no real control. That said, I do use multiple email addresses and host several websites on the same account and same physical server - everything running without issue.

In the scheme of things, I don’t guess using insecure smpt is a big issue. I certainly don’t expect that anyone is interested and the report info being sent via this email address is pretty useless but I will have a chat with the hosting provider to see if they can shed some light.

It’s not the report being so interesting, but you want to avoid exposing email credentials, but maybe you already did when you turned off starttls. For a public server, you might also be able to get some info from SSL scanners like https://www.ssllabs.com/ and others mentioned at 10 FREE SSL/TLS Troubleshooting Tools for Webmaster. They also have an installable version at https://github.com/ssllabs/ssllabs-scan, but I’m not sure if it inspects the servers with SSL/TLS like Duplicati does (relying on what Windows does, plus limited configurability – there’s a chance setting a value for –allowed-ssl-versions might change results, but it sounds separate from certificates).

I can’t explain exactly why it worked for two weeks, but I hope you’re able to get something satisfactory up again.