(SOLVE) Problem Roundcube with AWS SES

Discussion in 'Installation/Configuration' started by Jose Pertuz, May 29, 2023.

  1. Jose Pertuz

    Jose Pertuz New Member

    Hi.
    I have ISPconfig (3.2.9p1) on Debian 11 on EC2 of AWS.
    all work good. but only Roundcube fail.

    They (AWS) did not enable port 25 direct output. I had no choice but to use AWS's own SES service. Which you have some parameters that must be adjusted in Postfix.

    After the settings, the mail works for me with Thunderbird (smtp, imap and POP) but with Roundcube it gives me error 250 to send.

    Log: SMTP Error: Authentication failure: SMTP server does not support authentication (Code: ) in /usr/share/roundcube/program/lib/Roundcube/rcube.php on line 1702 (POST /webmail/?_task=mail&_unlock=loading1685378770532&_framed= 1&_action=send)

    I have worked with the /etc/roundcube/defaults.inc.php file trying various configurations, but all without positive effect.
    Has anyone had experience with this?

    thanks.
     
  2. erick.bastanold

    erick.bastanold New Member

    This means that the server cannot allow mail to be sent over an insecure channel by secure reason.
    - You can try changing the roundcube settings to a secure channel (tls/ssl), but you must check that the smtp ssl certificates are correct.
    - You can remove the username and password settings to send mail locally.
    - You can try to change smtp port (or add additional smtp port, like 2525, 25025) in postfix settings. (Master.conf) And update smtp port configuration in roundcube settings.
     
    Jose Pertuz likes this.
  3. Jose Pertuz

    Jose Pertuz New Member

    Solved:
    add this line in config of roundcube :

    $config['smtp_auth_type'] = 'LOGIN';
    $config['smtp_conn_options'] = [
    'ssl' => [
    'verify_peer' => true,
    'verify_depth' => 3,
    'peer_name' => 'example.myserver.net',
    'cafile' => '/etc/ssl/certs/ca-certificates.crt'
    ],

    and set
    $config['smtp_server'] = 'tls://%h';
    $config['smtp_port'] = 587;
     
    till and ahrasis like this.
  4. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

  5. Jose Pertuz

    Jose Pertuz New Member

    Yes, you are correct. I have aws accounts with direct smtp sending following the link you are sending.

    But, it also happens that AWS rejects the request and forces you to use its SES service. They will have their criteria.
     

Share This Page