@garrett Thanks for Help! So in principle the users of our Passbolt instance are happy again
So what did I do: I built a container with the following Dockerfile and then commented out the following lines in SmtpTransport.php
./Dockerfile
FROM passbolt/passbolt:3.6.0-1-ce
COPY ./usr/share/php/passbolt/vendor/cakephp/cakephp/src/Mailer/Transport/SmtpTransport.php /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Mailer/Transport/SmtpTransport.php
#RUN chmod 644 /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Mailer/Transport/SmtpTransport.php
SmtpTransport.php
...
line 285
/*
$replyCode = $this->_authPlain($username, $password);
if ($replyCode === '235') {
return;
}
*/
line 290
...
do you think that EMAIL_TRANSPORT_DEFAULT_CLIENT will still help us - probably not, right?
Trace
[220] otc-de-mta02.mms.t-systems-service.com ESMTP
> EHLO localhost
[250] otc-de-mta02.mms.t-systems-service.com Hello localhost [xx.xx.xx.xx]
[250] SIZE 104857600
[250] 8BITMIME
[250] PIPELINING
[250] PIPE_CONNECT
[250] AUTH LOGIN
[250] CHUNKING
[250] STARTTLS
[250] HELP
> STARTTLS
[220] TLS go ahead
> EHLO localhost
[250] otc-de-mta02.mms.t-systems-service.com Hello localhost [xx.xx.xx.xx] //here our remote / WAN ip was displayed
[250] SIZE 104857600
[250] 8BITMIME
[250] PIPELINING
[250] PIPE_CONNECT
[250] AUTH LOGIN
[250] CHUNKING
[250] HELP
> AUTH LOGIN
[334] XXxXxxxXXXX
> *****
[334] XXXxxXXxxxX
> *****
[235] Authentication succeeded
> MAIL FROM:<mail@hostname.eu>
[250] OK
> RCPT TO:<mail@hostname.eu>
[250] Accepted
> DATA
[354] Enter message, ending with "." on a line by itself
> From: Passbolt <mail@hostname.eu>
To: m.klute@endoo.eu
Date: Fri, 01 Jul 2022 04:49:12 +0000
Message-ID: <ce71f8ca6d53415e8fb25231c78e9fc2@passbolt-65747948f5-bvdpr>
Subject: Passbolt test email
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Congratulations!
If you receive this email, it means that your passbolt smtp configuration is working fine.
.
[250] OK id=1o78ae-0003lr-Mb
> QUIT
The message has been successfully sent!
a short answer to your last first message:
if I understand correctly, this is a gateway service that is redirecting traffic to your mail server?
→ no - it is basically an SMTP server like any other, which considers outgoing messages from a security perspective and, if necessary, blocked when sending, but the login to the SMG does not differ in principle from the login to a regular Postfix mail server (with the exception of various regulations such as no plain and only one login per connection - as we have now seen)
Did you set up your server with postfix or exim?
→ Unfortunately, I cannot answer this question because we do not operate our own mail server and only use the SMG for sending. If this is of great relevance, then I can try to find out the SMG’s software from the provider (Telekom).
you said that other services have accessed it okay - can you provide an example?
→ yes exactly, our own Java backend applications work perfectly and after my small change also Passbolt (-;
Please let me know if it’s helpful if I ask our development team for a small code snipet.
All in all - how do we proceed here? Should we report a bug or feature request? And where is the best place to do this?