Comments (7)
dadatuputi
commented on August 15, 2024
1
As I understand it, force_tls can be more secure than starttls, maybe that's why they recommend it? But my SMTP provider didn't like force_tls. The SMTP_STARTTLS was pulled out of docker-compose.yml, where it never should have been, and put in .env.template. If you git pull and get a new docker-compose.yml from the repo, you might need to update your .env from the current .env.template.
Regardless, I'm glad to hear it's working.
from bitwarden_gcloud.
asardaes
commented on August 15, 2024
The docker-compose.yml entry for fail2ban has hard-coded SSMTP_STARTTLS=YES in its environment, that might have to be NO in your case, but I'm not sure.
from bitwarden_gcloud.
dadatuputi
commented on August 15, 2024
@altafkassam Can you try setting SMTP_TLS=NO? Do your other emails (with the same settings/server) work, such as backup?
from bitwarden_gcloud.
dadatuputi
commented on August 15, 2024
I see now an issue, fixed in #79. Not really a fix for you @altafkassam, but might make it easier to understand the SMTP settings.
from bitwarden_gcloud.
altafkassam
commented on August 15, 2024
Setting SMTP_TLS=NO did not resolve my issue. I get the same type of error after modifying .env and running docker-compose up:
2023-11-07 08:56:27,463 fail2ban.utils [1]: ERROR 7e43b016c4e0 -- stderr: 'sendmail: Cannot open smtp.gmail.com:465'
2023-11-07 08:56:27,463 fail2ban.utils [1]: ERROR 7e43b016c4e0 -- returned 1
2023-11-07 08:56:27,463 fail2ban.actions [1]: ERROR Failed to start jail 'bitwarden' action 'sendmail-whois-lines': Error starting action Jail('bitwarden')/sendmail-whois-lines: 'Script error'
from bitwarden_gcloud.
altafkassam
commented on August 15, 2024
I tried changing the SMTP port to 587 and leaving SMTP_TLS=YES and got fail2ban to send me emails. However, now bit warden throws the following error when it attempts to send email:
[2023-11-07 10:00:48.610][vaultwarden::mail][ERROR] SMTP error: Connection error: Connection error: error:0A00010B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:354:
[2023-11-07 10:00:48.615][vaultwarden::api::identity][ERROR] Error sending new device email: SMTP error: Connection error: Connection error: error:0A00010B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:354:
my .env config is:
SMTP_HOST=smtp.gmail.com
SMTP_FROM=[email protected]
SMTP_FROM_NAME=BitWarden_Local
SMTP_PORT=587
SMTP_USERNAME=[email protected]
SMTP_PASSWORD=**********
SMTP_SECURITY=force_tls
# For fail2ban, YES or NO
SMTP_TLS=YES
from bitwarden_gcloud.
altafkassam
commented on August 15, 2024
I solved the issue. If you set BitWarden SMTP settings using the guidance in https://github.com/dani-garcia/vaultwarden/wiki/SMTP-Configuration and select SMTP_PORT=465 and SMTP_SECURITY=force_tls, fail2ban will fail to send emails whether you set SMTP_TLS=YES or SMTP_TLS=NO
My solution was to configure SMTP via Google/Gmail like this:
SMTP_HOST=smtp.gmail.com
SMTP_FROM=<mail-address>
SMTP_FROM_NAME=BitWarden_Local
SMTP_PORT=587
SMTP_USERNAME=<mail-address>
SMTP_PASSWORD=<less-secure-app-password>
SMTP_SECURITY=starttls
# For fail2ban, YES or NO
SMTP_TLS=YES
from bitwarden_gcloud.
Related Issues (20)
- Use caddy:alpine instead of caddy/caddy:alpine
- YUBICO_SERVER can no longer be an empty string, causes restart loops HOT 3
- how to update a running instance? HOT 1
- Use gcloud flow URL in documentation to enable gcloud settings HOT 1
- Improve README.md HOT 1
- Log rotation? HOT 2
- .env changes not affecting VW variables HOT 1
- rclone failed to create config file HOT 2
- Can't get admin page enabled HOT 2
- Can not encrypt backup files. HOT 4
- DDNS stopped working HOT 9
- Fail2ban not sending shutdown and startup emails
- Issue with SMTP_TLS in .env HOT 3
- Instance has become inaccessible HOT 8
- Docker compose version HOT 1
- Vaultwarden's IP_HEADER env var is inconsistent HOT 1
- [offtopic, not a technical issue] google charging for network traffic from US to EMEA HOT 8
- error proxy when start docker-compose up HOT 4
- DDNS doesn't seem to run HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bitwarden_gcloud.