Unable to send email

cliffordanup · November 5, 2024, 8:48am

I am trying to send email using mailsend command, but it keeps failing with the following error messages:

Error: Connection to smtp.gmail.com:25 timed out after 5 seconds
Error: Could not connect to SMTP server "smtp.gmail.com" at port 25
Could not send mail

This was working fine and I even received a few emails. Not sure what happened, all of a sudden my emails stopped getting delivered.

I enabled firewall logging for both the lan interface and the wan interface, but I don't observe any rules blocking / dropping this transaction.

Please help me troubleshoot.

frollic · November 5, 2024, 8:57am

(post deleted by author)

bluewavenet · November 5, 2024, 9:30am

My previous investigations of this showed that neither the mailsend nor msmtp packages send the gmail required headers in emails. Same goes for other big email providers.
Gmail will usually allow a limited number of these emails through, sending a warning/error in reply. After this the sending ip address will be blacklisted for a few days.

It sounds like this is what has happened to you.

cliffordanup · November 5, 2024, 10:11am

I tried using smtplib.sendmail() in python in one of my clients to the same gmail smtp server, it seems to work fine. Even Send-MailMessage on powershell on my windows client is able to send the email. I tried both these on port 587.

It continues to fail on my router though even after trying to use port 587.

Error: Connection to smtp.gmail.com:587 timed out after 5 seconds
Error: Could not connect to SMTP server "smtp.gmail.com" at port 587
Could not send mail

This is my second openwrt router. I have the same mailsend command working fine in another openwrt router in another location and ISP.

The difference in this location is that, I have two ISP's configured in load balancing configuration using mwan3.

frollic · November 5, 2024, 10:43am

can you nc/telnet/Putty the smtp host from your router or client ?

try https://www.samlogic.net/articles/smtp-commands-reference.htm to manually send an email via you nc/telnet/Putty, to see if there's some kind of warning, as described by @bluewavenet.

cliffordanup · November 5, 2024, 11:31am

On my ubuntu VM client, when I execute nc smtp.gmail.com 587, it is at least responding to my commands. On my router, there is no response whatsoever.

I still could not complete sending my email through nc on my ubuntu VM client. After I say STARTTLS and then EHLO client.example.com, it just quits.

bluewavenet · November 5, 2024, 11:38am

The most significant header tht gets left out is the Message-ID

See:

frollic · November 5, 2024, 11:41am

(post deleted by author)

cliffordanup · November 5, 2024, 11:44am

Hmm, interesting, I had scheduled the emails to send me a backup of my nlbwmon database files and usage statistics in separate emails at the same schedule on both my routers.

Will this cause mailsend to use the same Message-ID? Should I typically schedule them many a few mins apart?

Needless to say, I was using the same smtp server, from address, to address and app password for my authentication in both my bash scripts.

bluewavenet · November 5, 2024, 11:46am

AFAIK mailsend does not send Message-ID.

bluewavenet · November 5, 2024, 11:51am

HELO is the standard old-fashioned "hello".
EHLO is Extended HELO and asks the server to use extended protocol.
See "Part 2" of your above samlogic link.

frollic · November 5, 2024, 11:53am

LOL, fail!

msg deleted,

thnx!

cliffordanup · November 5, 2024, 11:53am

When I give nc smtp.gmail.com 587, it responds saying ESMTP. From the article I am supposed to give EHLO in this case. With basic SMTP I wouldn't probably be able to send an email anyway, because I see no way of authenticating myself.

clifford@clifford-VMware-Virtual-Platform:~$ nc smtp.gmail.com 587
220 smtp.gmail.com ESMTP d9443c01a7336-211057070c8sm76441245ad.67 - gsmtp
EHLO client.cen.net.in
250-smtp.gmail.com at your service, [x.x.x.x]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
STARTTLS
220 2.0.0 Ready to start TLS
HELO client.cen.net.in
QUIT
^C
clifford@clifford-VMware-Virtual-Platform:~$ nc smtp.gmail.com 587
220 smtp.gmail.com ESMTP d9443c01a7336-211057c1252sm75656415ad.215 - gsmtp
EHLO client.cen.net.in
250-smtp.gmail.com at your service, [x.x.x.x]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
STARTTLS
220 2.0.0 Ready to start TLS
EHLO client.cen.net.in
Fclifford@clifford-VMware-Virtual-Platform:~$

frollic · November 5, 2024, 11:56am

yeah, if you switch to TLS, you probably can't continue via nc, my guess is the gateway is expecting encrypted traffic after STARTTLS.

cliffordanup · November 6, 2024, 4:53am

Apparently this was an IPv6 Problem. Out of both my ISP's, only one had IPv6 Prefix Delegated and that too a /64 address. So, I enabled IPv6 Suffix on my lan interface and enabled my wan6 interface, added the necessary members, policy and rule to route ONLY IPv6 Traffic through the newly enabled wan6 interface.

This solved the problem. Thanks to One Marc Fifty's YouTube channel explaining IPv6 from scratch.