PHPMailer & Mailhog: connection refused, host not known - connection

trying to get Mailhog to run. i'm running a Neard stack and i haven't used Mailhog before. the docs are slim for somebody who isn't familiar with email services (finger pointing at self). here's what i have code-wise:
// create the instance
$mail = new PHPMailer;
$mail->isSMTP(); // i read somwhere that this may require commenting out to work...
$mail->SMTPSecure = 'tls';
$mail->SMTPDebug = SMTP::DEBUG_SERVER;
$mail->Host = 'mail'; // i also tried 'localhost' here... same result
$mail->Port = 1025;
$mail->SMTPAuth = true;
$mail->Username = EMAILUSERNAME;
$mail->Password = EMAILPASSWORD;
$mail->setFrom($from, $senderName);
$mail->addReplyTo('blorp#blorp.blorp'); // obviously a placeholder
$mail->addAddress($to);
$mail->Subject = $subject;
$mail->msgHTML(file_get_contents(__DIR__.'\90days.php'));
// send the email and check for errors
if (!$mail->send()) {
echo 'Mail error: '. $mail->ErrorInfo;
} else {
echo 'Message sent Successfully';
}
running it through Postman, i get the following error:
2020-04-15 01:53:50 SMTP ERROR: Failed to connect to server: php_network_getaddresses: getaddrinfo failed: No such host is known. (0)
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Mail error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
from what i understand from this post, all i had to do was set the Host and Port to the settings above and Mailhog would intercept. but it doesn't work. so what did i overlook or misconfigure?

I got the same error and I solved removing SMTPSecure
// $mail->SMTPSecure = 'tls';
Hope this helps someone else.

Related

Keycloak: how to verify token gotten from service A in service B?

I have a service A and B. I am running up keycloak service in the same container with service A.
So, configs for service A are the following:
[app]
PageSize = 10
JwtSecret = 233
PrefixUrl = http://127.0.0.1:8000
[sso]
Host = http://127.0.0.1:8080
AdminLogin = some_admin
AdminPassword = some_password
Realm = master
ClientID = my_client
ClientSecret = XXX
I set up a middleware that validates JWT (gotten by keycloak) in service A and it successfully works out.
I run service B in another container with this config:
[app]
PageSize = 10
JwtSecret = 233
PrefixUrl = http://127.0.0.1:8002
[sso]
Host = http://172.18.0.1:8080
AdminLogin = some_admin
AdminPassword = some_password
Realm = master
ClientID = my_client
ClientSecret = XXX
You have noticed that I couldn't use 127.0.0.1 in B's config because it cannot dial this address (because keycloak is running with A in the same container).
I use the same JWT in the request header for service B. After that it goes to keycloak and gets:
{
"code": "ERROR_AUTH_CHECK_TOKEN_FAIL",
"context": {
"code": 401,
"message": "401 Unauthorized: invalid_token: Token verification failed",
"type": "unknown"
}
}
Am I right that keycloak detects the proxing somehow and the error is thrown because of that?
Should I use separate clients for keycloak for both services? And if it is so, how do I verify JWT gotten from service A in the B service?
I solved my problem. Ticket that I got from A had the issuer host http://127.0.0.1:8080 and B sent a header with the host http://172.18.0.1:8080 that failed token validation. Briefly, these hosts must be the same

NWConnection using TLS fails in Swift

I was able to connect to a public wss using tls like this:
let port = 443
let url = URL(string: "wss://echo.websocket.org")!
connection = NWConnection(host: NWEndpoint.Host.name(url.host!, nil), port: NWEndpoint.Port(rawValue: UInt16(port))!, using: .tls)
Now I'm trying to connect to a wss websocket in a private network and I'm getting some errors. This is my code:
let port = 8443
let url = URL(string: "wss://ip_address:8443/gs-guide-websocket/websocket")!
connection = NWConnection(host: NWEndpoint.Host.name(url.host!, nil), port: NWEndpoint.Port(rawValue: UInt16(port))!, using: .tls)
And these are the errors:
[BoringSSL] boringssl_context_alert_callback_handler(3747) [C1.1:1][0x7fe945708390] Alert level: fatal, description: certificate unknown
[BoringSSL] boringssl_context_error_print(3699) boringssl ctx 0x600001ec9500: 140639868076392:error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED:/BuildRoot/Library/Caches/com.apple.xbs/Sources/boringssl_Sim/boringssl-109.202.1/ssl/handshake.cc:372:[BoringSSL] boringssl_context_get_error_code(3519) [C1.1:1][0x7fe945708390] SSL_AD_CERTIFICATE_UNKNOWN
Client failed with error: -9808: Optional(bad certificate format)
Do I need to add special options to connect here?
Also, I saw that the wss works because I'm able to connect with SocketRocket, but I want to connect with NWConnection
Thanks.
Solution was to install the certificate that I had on the server and then enable full trust to that certificate in Settings > General > About > Certificate Trust Settings

Unexpected HTTP Request: POST /mqtt/auth

I am new to emqtt. I am trying to use emq_auth_http but it is not working.
I have these 3 requests to console some data and send data back with status 200.
app.post('/mqtt/auth', function(req, res) {
console.log('This is body ', req.body);
res.status(200).send(req.body);
});
app.post('/mqtt/superuser', function(req, res) {
console.log('This is body in superuser ', req.body);
res.status(200).send(req.body);
});
app.get('/mqtt/acl', function(req, res) {
console.log('This is params in acl ', req.params);
res.status(200).send(req.body);
});
Requests are working fine on postman.
I have configured my emqtt on windows with docker. I have placed my config file in /etc/plugins/emq_auth_http.conf.
This is my config file
## Variables: %u = username, %c = clientid, %a = ipaddress, %P = password, %t = topic
auth.http.auth_req = http://127.0.0.1:3000/mqtt/auth
auth.http.auth_req.method = post
auth.http.auth_req.params = clientid=%c,username=%u,password=%P
auth.http.super_req = http://127.0.0.1:3000/mqtt/superuser
auth.http.super_req.method = post
auth.http.super_req.params = clientid=%c,username=%u
## 'access' parameter: sub = 1, pub = 2
auth.http.acl_req = http://127.0.0.1:3000/mqtt/acl
auth.http.acl_req.method = get
auth.http.acl_req.params =
access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t
Then I enabled emq_auth_http from dashboard
Now when I tried to connect my mqtt client to my server it is not calling the api. It logs
09:28:29.642 [error] Unexpected HTTP Request: POST /mqtt/auth
09:28:29.644 [error] Client(19645050-9d1b-4c50-acf9-
c1fe7e69eea8#172.17.0.1:60968): Username 'username' login failed for 404
Is there anything I missed? Why it is not working?
Thanks
127.0.0.1 in a container refers to the container itself and not the host machine. you should set the host machine ip,you can obtain the host machine ip from a container by issuing the command /sbin/ip route|awk '/default/ { print $3 }' which could be found here
ps: this way you can get the ip of docker machine and not the host ,if your service is served by windows you can reach the ip of host machine from the container which is 10.0.75.1. you can find it in
How to connect to docker host from container on Windows 10 (Docker for Windows)

Ruby Net::HTTP.start giving connection refused

I have a ruby class in which I am making Net::HTTP.start call inside perform method.This is the code:
class Poller
def self.perform(args)
uri = URI('http://localhost:8081/adhoc/dummy_poll?noAuth=true')
begin
Net::HTTP.start(uri.host, uri.port, :read_timeout=>30) do |http|
request = Net::HTTP::Get.new uri
#response = http.request request
#responsecode = #response.code
end
rescue Exception => e
Rails.logger.error "error mess==>"+e.message()
#responsecode = "408"
end
When I enqueue this within resque from another class using this line:
Resque.enqueue_in_with_queue(:data_workflow_manager,10,Poller,args)
I get this error:
Connection refused - connect(2) for "::1" port 8081.
However, HTTP.start works fine without any errors when the perform method is called in some another class using:
Poller.perform(args)
Please help me understand, why is this happening?
try explicitly connecting to the loop back address. There may be resolution issues with localhost.
uri = URI('http://127.0.0.1:8081/adhoc/dummy_poll?noAuth=true')
It's likely you do not have any server running on port 8081 which is why the connection will be refused.
Check it with lsof -i and look for programs bound to 8081 on a linux machine.

IMAP Error: Login failed - Roundcube

I'm trying to login to Roundcube only the program won't let me.
I can login to the said account from the shell and mail is setup and working correctly on my server for user 'admin'. It's RC that is the problem. If I check my logs:
/usr/local/www/roundcube/logs/errors
they show:
[21-Sep-2013 17:19:02 +0100]: IMAP Error: Login failed for admin from ip.ip.ip.ip. Could not connect to ip.ip.ip.ip:143:
Connection refused in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php on line 184
(POST /roundcube/?_task=login&_action=login)
which doesn't give me many clues really, just leads me to:
public function connect($host, $user, $pass, $port=143, $use_ssl=null) {}
from
rcube_imap.php
Stuff I've tried, editing:
/usr/local/www/roundcube/config/main.inc.php
with:
// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or null to use
// best server supported one)
//$rcmail_config['imap_auth_type'] = LOGIN;
$rcmail_config['imap_auth_type'] = null;
// Log IMAP conversation to <log_dir>/imap or to syslog
$rcmail_config['imap_debug'] = /var/log/imap;
With a failed login attempt
/var/log/imap
doesn't even get written to, leaving me no clues. I'm using dovecot and Sendmail on a FreeBSD box with full root access. It's not an incorrect username password combination for sure.
Several Googles on the string 'Roundcube: Connection to storage server failed' are fruitless.
EDIT:
I needed an entry in
/etc/rc.conf
dovecot_enable="YES"
Schoolboy error.
I had the same problem with a letsencrypt certificate and resolve it by disabling peer authentication:
$config['imap_conn_options'] = array(
'ssl' => array('verify_peer' => true, 'verfify_peer_name' => false),
'tls' => array('verify_peer' => true, 'verfify_peer_name' => false),
);
Afterwards you can set the connection string like this (starttls):
$config['default_host'] = 'tls://your-host.tld';
$config['default_port'] = '143';
$config['smtp_server'] = 'tls://your-host.tld';
$config['smtp_port'] = '25';
Or like this (ssl approach):
$config['default_host'] = 'ssl://your-host.tld';
$config['default_port'] = '993';
$config['smtp_server'] = 'ssl://your-host.tld';
$config['smtp_port'] = '587';
Make sure you use the fully qualified hostname of the certificate in the connection string (like your-host.tld) and not an internal hostname (like localhost).
Hope that helps someone else.
Change the maildir to whatever your system uses.
Change Dovecot mail_location setting to
mail_location = maildir:~/Mail
Change Postfix home_mailbox setting to
home_mailbox = Mail/
Restart services and away you go
Taken from this fedoraforum post
If you run fail2ban, then dovecot might get banned following failed Roundcube login attempts. This has happened to me twice already...
First, check if this is indeed the case:
sudo fail2ban-client status dovecot
If you get an output similar to this:
Status for the jail: dovecot
|- Filter
| |- Currently failed: 1
| |- Total failed: 8
| `- File list: /var/log/mail.log
`- Actions
|- Currently banned: 1
|- Total banned: 2
`- Banned IP list: X.X.X.X
i.e. the Currently banned number is higher than 0, then fail2ban was a bit overeager and you have to "unban" dovecot.
Run the fail2ban client in interactive mode:
sudo fail2ban-client -i
and at the fail2ban> prompt enter the following:
set dovecot unbanip X.X.X.X
where X.X.X.X is the IP address of your Dovecot server.
Exit from the interactive client and run sudo fail2ban-client status dovecot again. The Currently banned: field now should have a value of 0. What's more important, RoundCube should work again :-)
The issue is in your mail server.
Check your ports in your mail server and reset it (if necessary):
Port 25 (and 587) must be open for SMTP
Port 143 (and 993) must be open for IMAP
Port 110 must be open for POP3
Also open those ports in your firewall settings.
sudo dovecot should solve the problem.
If not restart dovecot
sudo service dovecot restart

Resources