Error sending verify_email

I just created a Vaultwarden + Caddy docker in WSL2 from Windows 11.

After initial log on and creating master password I clicked on the Send Email of Verify Email prompt. I have never received the email sent by Vaultwarden.

I have read and followed the instructions here SMTP Configuration · dani-garcia/vaultwarden Wiki - https://github.com/.

extract of SMTP configuration from docke-compose.yml as below…

 SMTP_HOST: "smtp.gmail.com"

SMTP_FROM: “private@gmail.com

  SMTP_PORT: "465"    # 587  starttls
  SMTP_SECURITY: "forcetls"   # starttls
  SMTP_USERNAME: "private@gmail.com"
  SMTP_PASSWORD: "hdhdhdhdhdhdhd"

The password was taken from Google Account App Password facility

Here are the errors from Vaultwarden log …

2023-01-14 23:27:16 [2023-01-15 04:27:16.489][response][INFO] (login) POST /identity/connect/token => 200 OK
2023-01-14 23:27:16 [2023-01-15 04:27:16.532][request][INFO] POST /api/accounts/verify-email
2023-01-14 23:27:16 [2023-01-15 04:27:16.543][vaultwarden::api::core::accounts][ERROR] Error sending verify_email email: Address.
2023-01-14 23:27:16 [CAUSE] InvalidUser
2023-01-14 23:27:16 [2023-01-15 04:27:16.543][response][INFO] (post_verify_email) POST /api/accounts/verify-email => 200 OK
2023-01-14 23:27:22 [2023-01-15 04:27:22.992][request][INFO] GET /api/plans/
2023-01-14 23:27:23 [2023-01-15 04:27:23.005][response][INFO] (get_plans) GET /api/plans => 200 OK
2023-01-14 23:27:26 [2023-01-15 04:27:26.645][request][INFO] GET /api/accounts/revision-date

Can anybody find errors with my configuration? What more information are needed for the investigation?

The error message InvalidUser points to the local part of the mail address (either in the to: or from:) being wrong.

My guess would be that the quotation marks around the values of the SMTP_FROM environment variable are causing issues as they seem to be and and not just " and thus the value is set to “zung25@gmail.com” instead of zung25@gmail.com

You can check in the /admin page and verify if the SMTP configuration is correct.

still same error with

      SMTP_HOST: "smtp.gmail.com"
      SMTP_FROM: private@gmail.com
      SMTP_PORT: "587"   # 465     587  starttls
      SMTP_SECURITY: "starttls"   #force_tls   starttls
      SMTP_USERNAME: private@gmail.com
      SMTP_PASSWORD: "mysecretpasseord"
      SMTP_DEBUG: "true"
  ADMIN_TOKEN: "xhhdjdjdjdjdjjdjdjdjddjPSFi"

trying /admin saying “The admin panel is disabled, please configure the ‘ADMIN_TOKEN’ variable to enable it”

Thanks

I have resolved the issues. I think the restart from Docker Desktop did not pick up the updated docker-compose file. I used docker command to down and up the containers and it worked fine now.

@zung

As an aside, I would HIGHLY recommend that you change your current Gmail SMTP app password as you appear to have posted it here (as well as your login credentials) unredacted in a public forum (possibly also edit your posting here, but assume it’s already compromised).

Delete the current one you are using and then create another as discussed below.
Even with 2FA on your Google account, this app password bypasses this for SMTP.

While I don’t think (hope) anyone here would use it nefariously, but this is again a public forum open to the internet and anyone can stumble upon this.
Generally good opsec would advise not to have any of your credentials in the clear.

The same would go for your ADMIN_TOKEN while not sure if your host is publicly available again this is the credential for access to the Admin panel.
So best to change this and keep it closely guarded as well.
Best :wink:

1 Like

Thank you for the advice. I will change the credentials as soon as possible.