No mails sent from passbolt

Checklist
[X ] I have read intro post: About the Installation Issues category
[X ] I have read the tutorials, help and searched for similar issues
[X ] I provide relevant information about my server (component names and versions, etc.)
[X ] I provide a copy of my logs and healthcheck
[X ] I describe the steps I have taken to trouble shoot the problem
[X ] I describe the steps on how to reproduce the issue
Good morning all,

After spending several hours understanding my problem, I allow myself to ask for some help here.

I installed passbolt on one of my servers (hosted by OVH). This is a debian 10, a mariadb 10.3.23-MariaDB-0 + deb10u1, and it has a postfix to relay mail. This part works very well.

I can send mail from shell, no problem:

---------------------------------------------------------------
 Debug email shell
---------------------------------------------------------------

Email configuration
---------------------------------------------------------------
Host: ssl://ssl0.ovh.net
Port: 465
Username: admin@mydomain.fr
Password: *********
TLS: false

Sending email from: admin admin@mydomain.fr
Sending email to: me@mydomain.fr
---------------------------------------------------------------

Trace
[220] GARM-96R001 Sunday, September 20, 2020
> EHLO localhost
[250] OVH SMTP PROXY Hello
[250] SIZE 104857600
[250] ENHANCEDSTATUSCODES
[250] AUTH LOGIN PLAIN
[250] AUTH=LOGIN PLAIN
[250] 8BITMIME
> AUTH LOGIN
[334] VXNlcm5hbWU6
> *****
[334] UGFzc3dvcmQ6
> *****
[235] 2.7.0 Authentication successful
> MAIL FROM:<*****>
[250] 2.1.0 Sender OK
> RCPT TO:<me@mydomain.fr>
[250] 2.1.5 Recipient OK
> DATA
[354] Start mail input; end with <CRLF>.<CRLF>
> From: admin <*****>
To: me@mydomain.fr
Date: Sun, 20 Sep 2020 08:32:47 +0000
Message-ID: <f7c76fc5552e4caf8627ec5d6c709788@server>
Subject: Passbolt test email
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Congratulations!
If you receive this email, it means that your passbolt smtp configuration is working fine.


[250] 2.6.0 <f7c76fc5552e4caf8627ec5d6c709788@server> [InternalId=41510858919472, Hostname=DAG4EX2.mxp5.local] 1643 bytes in 0.152, 10.528 KB/sec Queued mail for delivery
> QUIT

The message has been successfully sent!

But when I want to invite via passbolt, no mail is sent.

So I run a Healthcheck to find out a little more.

---------------------------------------------------------------
Healthcheck shell
---------------------------------------------------------------

Environment

[PASS] PHP version 7.3.19-1~deb10u1.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable.
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.

Config files

[PASS] The application config file is present
[PASS] The passbolt config file is present

Core config

[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://passbolt.mydomain.fr
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.

SSL Certificate

[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
 [HELP] fopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
fopen(): Failed to enable crypto
fopen(https://passbolt.mydomain.fr/healthcheck/status.json): failed to open stream: operation failed

Database

[PASS] The application is able to connect to the database
[PASS] 23 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.

GPG Configuration

[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server gpg key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.

Application configuration

[PASS] Using latest passbolt version (2.13.5).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.

 2 error(s) found. Hang in there!

Could this certificate issue (generated directly from the passbolt installer) prevent this email from being sent? Which again works great.

Additionally, I noticed the following error in the logs:

Exception: SQLSTATE[HY000] [1045] Access denied for user ''@'localhost' (using password: NO) in [/usr/share/php/passbolt/vendor/cakephp/cakephp/src/Database/Driver.php, line 92]

Who is the user? www-data? the passbolt administrator of the base?

My passbolt.php:

 // Database configuration.
'Datasources' => [
        'default' => [
            'host' => '127.0.0.1',
            'port' => '3306',
            'username' => 'passboltadmin',
            'password' => 'XXXXXX',
            'database' => 'passbolt',
        ],
    ],

MySQL works for passboltadmin via shell, no problem.
Do I have to create a mysql user www-data ?

I begin to despair.
Thank you in advance.

Hi,

Could this certificate issue (generated directly from the passbolt installer) prevent this email from being sent? Which again works great.

No, the SSL certificate should not impact emails. The healthcheck is known to throw errors for self-signed certificates, so if your browser is happy with it, then it should be no problem.

Did you check:

Possible reasons:

  • The cron job to send email is missing
  • Email notifications are disabled in the config

Let us know once you checked the later

Well, I redid a pass, there was an error in the crontab … Tired after several hours …
It works !!

Thank you

1 Like

@Franck glad you got it to work, have a nice weekend!

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.