Can anyone help ! Struggling with email notifications - GMAIL and POSTFIX

Hello,

I have a new Horizon installation 28.0.2 on Ubuntu VM 20.01.3 LTS. Everything is working as planned except email notifications using Gmail. I am no linux expert and generally depend on google and forums to guide me. I already use the gmail account for Firewall alerts so the gmail account security settings for less secure apps is already sorted.

I have included details for both notifd.log and javamail-configuration.properties

I would be very grateful if anyone can take time to have a look. It seems it fails due to invalid addresses which are in use and valid.

nContext 'pollerConfigContext'
2021-08-31 10:35:58,961 INFO  [Main] o.s.c.s.ClassPathXmlApplicationContext: Refreshing org.springframework.context.support.ClassPathXmlApplicationContext@123cb1c: startup date [Tue Aug 31 10:35:58 UTC 2021]; pa
rent: ApplicationContext 'daoContext'
2021-08-31 10:35:58,986 INFO  [Main] o.s.b.f.x.XmlBeanDefinitionReader: Loading XML bean definitions from class path resource [META-INF/opennms/applicationContext-pollerConfigDaos.xml]
2021-08-31 10:35:59,456 INFO  [Main] o.s.c.s.ClassPathXmlApplicationContext: Refreshing org.springframework.context.support.ClassPathXmlApplicationContext@529d8032: startup date [Tue Aug 31 10:35:59 UTC 2021]; p
arent: ApplicationContext 'pollerConfigContext'
2021-08-31 10:35:59,456 INFO  [Main] o.s.b.f.x.XmlBeanDefinitionReader: Loading XML bean definitions from class path resource [META-INF/opennms/applicationContext-notifd.xml]
2021-08-31 10:35:59,498 INFO  [Main] o.s.b.f.a.AutowiredAnnotationBeanPostProcessor: JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
2021-08-31 11:16:49,911 ERROR [JavaMail-EventQueue] o.o.j.JavaMailer$LoggingTransportListener: message not delivered: invalid addresses: browners80@gmail.com
2021-08-31 11:16:50,003 ERROR [NotificationTask-0] o.o.n.n.JavaMailNotificationStrategy: send: Error sending notification.
org.opennms.javamail.JavaMailerException: Not all messages delivered:
        0 messages were sent to valid addresses:
        0 messages were not sent to valid addresses:
        1 messages had invalid addresses: browners80@gmail.com
        at org.opennms.javamail.JavaMailer$LoggingTransportListener.assertAllMessagesDelivered(JavaMailer.java:956) ~[opennms-javamail-api-28.0.2.jar:?]
        at org.opennms.javamail.JavaMailer.sendMessage(JavaMailer.java:465) ~[opennms-javamail-api-28.0.2.jar:?]
        at org.opennms.javamail.JavaMailer.mailSend(JavaMailer.java:255) ~[opennms-javamail-api-28.0.2.jar:?]
        at org.opennms.netmgt.notifd.JavaMailNotificationStrategy.send(JavaMailNotificationStrategy.java:71) [opennms-services-28.0.2.jar:?]
        at org.opennms.netmgt.notifd.ClassExecutor.execute(ClassExecutor.java:69) [opennms-services-28.0.2.jar:?]
        at org.opennms.netmgt.notifd.NotificationTask.run(NotificationTask.java:274) [opennms-services-28.0.2.jar:?]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]
        at java.lang.Thread.run(Thread.java:829) [?:?]```

and properties.

```#################################################################################
# This file is the configuration for the the JavaMailer class.  It is used to
# specify the details of the JavaMailer system properties
################################################################################
#
# Properties are defined but commented out indicating the default values.
#

#
# This property defines system sender account.
#
# The default setting is root@[127.0.0.1]
org.opennms.core.utils.fromAddress=root@[127.0.0.1]
#org.opennms.core.utils.fromAddress=alerts@cara-ns.local

org.opennms.core.utils.transport=smtps
org.opennms.core.utils.mailHost=smtp.gmail.com
org.opennms.core.utils.smtpport=465
org.opennms.core.utils.smtpssl.enable=true
org.opennms.core.utils.authenticate=true
org.opennms.core.utils.authenticateUser=xxxxxxx@gmail.com
org.opennms.core.utils.authenticatePassword=xxxxxxx
org.opennms.core.utils.starttls.enable=false
org.opennms.core.utils.messageContentType=text/html
org.opennms.core.utils.charset=UTF-8



#
# No default value for replyToAddress
#org.opennms.core.utils.replyToAddress=

#
# These properties define the SMTP Host.
#
#org.opennms.core.utils.mailHost=smtp.gmail.com
#org.opennms.core.utils.mailer=smtpsend
#org.opennms.core.utils.transport=smtps
#org.opennms.core.utils.debug=true
#org.opennms.core.utils.smtpport=465
#org.opennms.core.utils.smtpssl.enable=true
#org.opennms.core.utils.quitwait=true
#
# This property controls the use of the JMTA
# if it is true, mailHost will be ignored
#org.opennms.core.utils.useJMTA=false
#
# These properties define the Mail authentication.
#
#org.opennms.core.utils.authenticate=true
#org.opennms.core.utils.authenticateUser
#org.opennms.core.utils.authenticatePassword=
#org.opennms.core.utils.starttls.enable=true

#
# These properties configure message content
#
org.opennms.core.utils.messageContentType=text/plain
org.opennms.core.utils.charset=us-ascii
```
Kind Regards

Andy

I think I may be getting somewhere. I have changed my properties file and now at least looks like it is contacting gmail servers but now it is failing on javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate.

I have googled this error and think there might be a bug with the latest OpenJDK 64-Bit Server VM (build 11.0.11+9-Ubuntu-0ubuntu2.20.04, mixed mode, sharing)

I have been reading this post but not sure my linux knowledge would cut the mustard. - java - postfix and openJDK 11: "No appropriate protocol (protocol is disabled or cipher suites are inappropriate)" - Stack Overflow

Anyway below is my updated config - Any help at would be greatly appreciated.

org.opennms.javamail.JavaMailerException: Java Mailer messaging exception: javax.mail.MessagingException: Could not connect to SMTP host: smtp.gmail.com, port: 465 (javax.net.ssl.SSLHandshakeExceptio
n: No appropriate protocol (protocol is disabled or cipher suites are inappropriate))
        at org.opennms.javamail.JavaMailer.sendMessage(JavaMailer.java:471) ~[opennms-javamail-api-28.0.2.jar:?]
        at org.opennms.javamail.JavaMailer.mailSend(JavaMailer.java:255) ~[opennms-javamail-api-28.0.2.jar:?]
        at org.opennms.netmgt.notifd.JavaMailNotificationStrategy.send(JavaMailNotificationStrategy.java:71) [opennms-services-28.0.2.jar:?]
        at org.opennms.netmgt.notifd.ClassExecutor.execute(ClassExecutor.java:69) [opennms-services-28.0.2.jar:?]
        at org.opennms.netmgt.notifd.NotificationTask.run(NotificationTask.java:274) [opennms-services-28.0.2.jar:?]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]
        at java.lang.Thread.run(Thread.java:829) [?:?]
Caused by: javax.mail.MessagingException: Could not connect to SMTP host: smtp.gmail.com, port: 465 (javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suite
s are inappropriate))
        at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1972) ~[mail-1.4.5.jar:1.4.5]
        at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:642) ~[mail-1.4.5.jar:1.4.5]
        at javax.mail.Service.connect(Service.java:251) ~[geronimo-javamail_1.4_spec-1.7.1.jar:1.7.1]
        at org.opennms.javamail.JavaMailer.sendMessage(JavaMailer.java:458) ~[opennms-javamail-api-28.0.2.jar:?]
        ... 7 more
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
        at sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:170) ~[?:?]
        at sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98) ~[?:?]
        at sun.security.ssl.TransportContext.kickstart(TransportContext.java:221) ~[?:?]
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:433) ~[?:?]
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:411) ~[?:?]
        at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:548) ~[mail-1.4.5.jar:1.4.5]
        at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:352) ~[mail-1.4.5.jar:1.4.5]
        at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:233) ~[mail-1.4.5.jar:1.4.5]
        at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1938) ~[mail-1.4.5.jar:1.4.5]
        at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:642) ~[mail-1.4.5.jar:1.4.5]
        at javax.mail.Service.connect(Service.java:251) ~[geronimo-javamail_1.4_spec-1.7.1.jar:1.7.1]
        at org.opennms.javamail.JavaMailer.sendMessage(JavaMailer.java:458) ~[opennms-javamail-api-28.0.2.jar:?]
        ... 7 more ```
and properties
``` #################################################################################
# This file is the configuration for the the JavaMailer class.  It is used to
# specify the details of the JavaMailer system properties
################################################################################
#
# Properties are defined but commented out indicating the default values.
#

#
# This property defines system sender account.
#
# The default setting is root@[127.0.0.1]
#org.opennms.core.utils.fromAddress=root@127.0.0.1
org.opennms.core.utils.fromAddress=alerts@mymail.com

org.opennms.core.utils.transport=smtps
org.opennms.core.utils.mailHost=smtp.gmail.com
org.opennms.core.utils.smtpport=465
org.opennms.core.utils.smtpssl.enable=true
org.opennms.core.utils.authenticate=true
org.opennms.core.utils.authenticateUser=xxxxxxxxx@gmail.com
org.opennms.core.utils.authenticatePassword=xxxxxxxxx
org.opennms.core.utils.starttls.enable=false
org.opennms.core.utils.messageContentType=text/html
org.opennms.core.utils.charset=UTF-8
org.opennms.core.utils.useJMTA=false


#
# No default value for replyToAddress
#org.opennms.core.utils.replyToAddress=

#
# These properties define the SMTP Host.
#
#org.opennms.core.utils.mailHost=smtp.gmail.com
#org.opennms.core.utils.mailer=smtpsend
#org.opennms.core.utils.transport=smtps
#org.opennms.core.utils.debug=true
#org.opennms.core.utils.smtpport=465
#org.opennms.core.utils.smtpssl.enable=true
#org.opennms.core.utils.quitwait=true
#
# This property controls the use of the JMTA
# if it is true, mailHost will be ignored
#org.opennms.core.utils.useJMTA=false
#
# These properties define the Mail authentication.
#
#org.opennms.core.utils.authenticate=true
#org.opennms.core.utils.authenticateUser
#org.opennms.core.utils.authenticatePassword=
#org.opennms.core.utils.starttls.enable=true

#
# These properties configure message content
#
#org.opennms.core.utils.messageContentType=text/plain
#org.opennms.core.utils.charset=us-ascii  ```

Thanks

Also details on the problem here - TLSv1/v1.1 No longer works after upgrade, "No appropriate protocol" error – Azul Systems

We see this come up a lot. The short answer is that doing this in OpenNMS is possible, but it’s really the wrong way.

it is far easier to configure your local MTA (probably Postfix) to relay to Google’s SMTP servers than to correctly configure Javamail to do the same thing.

https://www.google.com/search?client=firefox-b-1-d&q=configure+postfix+to+use+gmail+smtp+on+centos

https://www.google.com/search?client=firefox-b-1-d&q=configure+postfix+to+use+gmail+smtp+on+ubuntu

1 Like

@dino2gnt I followed the ubuntu guide above which is extremely easy to follow. Got the the end of the guide - sent a test email and viewed the logs in disbelief. It sent the test email and I also got several alerts from opennms. Tested several times and its all working.

Thankyou for pointing me in the right direction.

Kind regards

Browners.

1 Like

Just a tip from my expierience using gmail for notifications. One problem I ran into with using gmail, with a free account anyway, was daily send limits (I think it’s 1000). I switch the outbound smtp server to my o365 so I didn’t have to deal with the limits(I think it’s 10,000 now). Especially if you are using that gmail account for other purposes.

Interesting and thankyou. Is the setup similar for o365 ? Any advice or conf tips most welcome and already googling !
I would like to look into this, as you know things flap at a rapid rate when the brown stuff hits the fan !.

Andy

I believe, in order to use postfix as the relay agent you have to leave the javamail-configuration.properties as default

org.opennms.core.utils.mailHost=127.0.0.1

This sends all email notifications to the localhost (Postfix instance)

Then edit the /etc/postfix/main.cf
for o365, my config looks like this

relayhost = [smtp.office365.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes
sender_canonical_maps = static:emailaddress@domain.com

/etc/postfix/sasl_passwd looks like this

[smtp.office365.com]:587 emailaddress@domain.com:password

I created an NMS account in my o365 instance that is a send-only email without a license. I then send the messages via SMS by using @vtext.com (for verizon) from OpenNMS

Here is a good resource for how it works, this is what I used to get it all working.

Remember to restart postfix and check the mailq for rejections. I don’t remember the o365 setup process but it was similar to gmail. The best part about this setup is postfix is the resiliency. It will keep trying to send even after it’s been rejected, unlike JavaMail just sends it and hopes for the best, so if you hit a limit those notification are gone forever.

Hope that helps clear it up a bit. essentially you are routing all javamail messages to postfix and postfix is handling the relay to the smtp server.

1 Like