SMTP not working after upgrade to 3.8.1 from 3.7

I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue


We are using Passbolt CE on Digital Ocean since 1 year and it’s great.
We configured the email with Google SMTP relay and it worked since 3.8.1 update I did on 18th of Nov. Since now, I can only send test mails (successfully, by using the CLI cake script), but every mail triggered by the queue goes in SMTP timeout or SSL SMTP failure.

The system healthcheck script gives all OK: su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck --application --configFiles --core --database --environment --ssl" www-data

 Healthcheck shell      


 [PASS] PHP version 8.1.12.
 [PASS] PCRE compiled with unicode support.
 [PASS] The temporary directory and its content are writable and not executable.
 [PASS] The logs directory and its content are writable.
 [PASS] GD or Imagick extension is installed.
 [PASS] Intl extension is installed.
 [PASS] Mbstring extension is installed.

 Config files

 [PASS] The application config file is present
 [PASS] The passbolt config file is present

 Core config

 [PASS] Debug mode is off.
 [PASS] Cache is working.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to
 [PASS] App.fullBaseUrl validation OK.
 [PASS] /healthcheck/status is reachable.

 SSL Certificate

 [PASS] SSL peer certificate validates
 [PASS] Hostname is matching in SSL certificate.
 [PASS] Not using a self-signed certificate


 [PASS] The application is able to connect to the database
 [PASS] 26 tables found
 [PASS] Some default content is present
 [PASS] The database schema up to date.

 Application configuration

 [PASS] Using latest passbolt version (3.8.1).
 [PASS] Passbolt is configured to force SSL use.
 [PASS] App.fullBaseUrl is set to HTTPS.
 [PASS] Selenium API endpoints are disabled.
 [PASS] Search engine robots are told not to index content.
 [PASS] Registration is closed, only administrators can add users.
 [PASS] Serving the compiled version of the javascript app
 [PASS] All email notifications will be sent.

 [PASS] No error found. Nice one sparky!

This command works: su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt send_test_email" www-data

Email configuration
Port: 587
Password: *********
TLS: true
Sending email from: Giga password service <>
Sending email to:
[220] ESMTP b15-20020a50cccf000000b00469701c73c7sm337560edj.47 - gsmtp
[250] at your service, []
[250] SIZE 157286400
[250] 8BITMIME
[250] SMTPUTF8
[220] 2.0.0 Ready to start TLS
[250] at your service, []
[250] SIZE 157286400
[250] 8BITMIME
[250] SMTPUTF8
[250] 2.1.0 OK b15-20020a50cccf000000b00469701c73c7sm337560edj.47 - gsmtp
[250] 2.1.5 OK b15-20020a50cccf000000b00469701c73c7sm337560edj.47 - gsmtp
[354] Go ahead b15-20020a50cccf000000b00469701c73c7sm337560edj.47 - gsmtp
 From: Giga password service <>
Date: Tue, 22 Nov 2022 20:37:01 +0000
Message-ID: <9a861794c73f4a068c6e25546fb07f42@passbolt-ubuntu-s-1vcpu-1gb-intel-fra1-01>
Subject: Passbolt test email
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If you receive this email, it means that your passbolt smtp configuration is working fine.

[250] 2.0.0 OK  1669149421 b15-20020a50cccf000000b00469701c73c7sm337560edj.47 - gsmtp
The message has been successfully sent!

This command fails: su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake EmailQueue.sender" www-data

su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake EmailQueue.sender" www-data
SMTP server did not accept the connection or trying to connect to non TLS SMTP server using TLS.
Email 1910 was not sent

I’m attaching the screenshot of a query on the passbolt DB, you can see that after the update every email in the “email_queue” table fails after 4 retries (5th column); error is in the 6th column.

Thank you, have a nice day


does the following command return any warnings or erros?

su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt healthcheck --gpg --smtpSettings" www-data

Hi Pablo,

This is the result of the command… everything seems ok

 Healthcheck shell  

 GPG Configuration

 [PASS] PHP GPG Module is installed and loaded.
 [PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
 [PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
 [PASS] The server OpenPGP key is not the default one
 [PASS] The public key file is defined in config/passbolt.php and readable.
 [PASS] The private key file is defined in config/passbolt.php and readable.
 [PASS] The server key fingerprint matches the one defined in config/passbolt.php.
 [PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
 [PASS] There is a valid email id defined for the server key.
 [PASS] The public key can be used to encrypt a message.
 [PASS] The private key can be used to sign a message.
 [PASS] The public and private keys can be used to encrypt and sign a message.
 [PASS] The private key can be used to decrypt a message.
 [PASS] The private key can be used to decrypt and verify a message.
 [PASS] The public key can be used to verify a signature.
 [PASS] The server public key format is Gopengpg compatible.
 [PASS] The server private key format is Gopengpg compatible.

 SMTP Settings

 [PASS] The SMTP Settings plugin is enabled.
 [PASS] SMTP Settings coherent. You may send a test email to validate them.
 [PASS] The SMTP Settings source is: database.

 [PASS] No error found. Nice one sparky!


@stefano There are other users experiencing similar symptoms regarding email delivery problems following the upgrade. I don’t think it’s been determined yet what is causing this.

Thank you,

We’ll wait for some feedbacks in the next days.


@stefano are you seeing anything error-wise on the Gmail side of things? Or, any coincidental changes in the settings for SMTP such as IP whitelisting, etc?

Hello @stefano,

We are currently working on a fix that could fix your issue.

In the meantime can you let me know if you are able to send the test email via the administration workspace directly from the application? Could you try to update the configuration from there also? It might unlock the situation if something went wrong during the migration.

We will centralise the coms on this thread: Issue with Gnupg decryption in Cron job / Emails not sent
Thanks :pray:


Hello @cedric,

It works, I can send the test email from inside the configuration panel, Email Server tab.
Unfortunately, updating the configuration from there doesn’t affect the real notification emails.