Bug #12211
closed
Email Notifications not working with Special Characters in Password
0%
Description
I have tested this and confirmed with two different gmail accouts.
an account has a ! is password. This account fails with testing;
Could not send the message to user@domain.com -- Error: PLAIN authentication failure
[SMTP: Invalid response code received from server
(code: 535, response: 5.7.8 Username and Password not accepted.
Learn more at 5.7.8 https://support.google.com/mail/?p=BadCredentials y2sm1046183pfe.146 - gsmtp)]*
an account has no special characters. This account works fine as
SMTP testing e-mail successfully sent*
therefore quite clearly, passwords with special characters are not getting parsed accordingly. Could it be a bug?
I have an "!" and "$" character's in password.
hopefully this could be resolved.
I am certian this is affected accross all versions.
I am using v2.5.2 atm. I could test on earlier versions, if i can download it some where.
Updated by Jim Pingle over 2 years ago
- Status changed from New to Feedback
- Priority changed from High to Low
Mail is sent using the PHP Pear Mail library which in turn uses PHP Pear Net_SMTP to handle the SMTP connection including authentication. Neither of those are code maintained by pfSense. Looking through the code in both of those libraries I don't see any place that might get tripped up by special characters, they all take the password as-is and pass it through.
If it doesn't work with PLAIN authentication, you could try the LOGIN mechanism instead using the GUI option just under the SMTP password fields in the notification settings.
About the most we could do is to add an option to UTF-8 encode the password, but some servers do not like that. You can try making this change manually to see if it helps you:
diff --git a/src/etc/inc/notices.inc b/src/etc/inc/notices.inc
index fec963bd44..303b0d3971 100644
--- a/src/etc/inc/notices.inc
+++ b/src/etc/inc/notices.inc
@@ -391,7 +391,7 @@ function send_smtp_message($message, $subject = "(no subject)", $force = false)
: $config['notifications']['smtp']['port'],
'auth' => $auth,
'username' => $username,
- 'password' => $password,
+ 'password' => utf8_encode($password),
'localhost' => $config['system']['hostname'] . "." .
$config['system']['domain'],
'timeout' => !empty($config['notifications']['smtp']['timeout'])
Updated by Max Leighton over 2 years ago
I tested this with a Gmail account using special characters in the password and was able to send SMTP alerts in 2.5.2. This seems to be an issue with Google account security rather than a bug in pfSense.
It seems that if 2FA is disabled in Gmail, the user has to turn on "Less Secure App Access" in Gmail, otherwise Google will block pfSense's attempt to authenticate. Once the Google account is configured correctly, there is no issue sending SMTP from pfSense. Preferably 2FA would be enabled and users will use app passwords instead.
Updated by Jim Pingle over 2 years ago
- Status changed from Feedback to Closed
I suspect you are correct. There is a forum thread about this as well and it's come to a similar conclusion. There are multiple ways around it but all in the Google Account settings, not on the firewall.