Relay emails through MS365

McHenry · May 21, 2024, 9:07am

I wish to use MS365 as an email relay and no password is required.

VW will requires both smtp_username & smtp_password

vaultwarden  | Error loading config:
vaultwarden  |   Both `SMTP_USERNAME` and `SMTP_PASSWORD` need to be set to enable email authentication without `USE_SENDMAIL`

setting the env variable

smtp_password =""

removes the startup error however emails will still not authenticate and the config string still shows the smtp_password as having a value

  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": true,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "*****************************",
  "smtp_from_name": "VaultWarden",
  "smtp_host": "************************************************",
  "smtp_password": "***",
  "smtp_port": 25,
  "smtp_security": "off",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "****************************",

Similar to this issue:

BlackDex · May 21, 2024, 6:32pm

Password types will always show three asterisks.
Try to set SMTP_DEBUG=true and see what is reported in the logs.

McHenry · May 21, 2024, 9:55pm

The post I linked above indicated password is shown as null when not set:

After explicitly adding SMTP_AUTH_MECHANISM= to my .env it works as expected. Thanks!

"smtp_password": "***", was indeed set – though environment variable was empty and nothing was set in the GUI (also checked for invisible characters). After setting the SMTP_AUTH_MECHANISM it shows "smtp_password": null,.

The debug logs are below:

[2024-05-21 21:45:27.224][request][INFO] POST /admin/test/smtp
[2024-05-21 21:45:27.623][lettre::transport::smtp::client::async_connection][DEBUG] << 220 SY1PEPF000066C5.mail.protection.outlook.com Microsoft ESMTP MAIL Service ready at Tue, 21 May 2024 21:45:27 +0000<CRLF>
[2024-05-21 21:45:27.624][lettre::transport::smtp::client::async_connection][DEBUG] Wrote: EHLO 8b8eb3e42219<CRLF>
[2024-05-21 21:45:27.638][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>
[2024-05-21 21:45:27.639][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>
[2024-05-21 21:45:27.639][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>
[2024-05-21 21:45:27.639][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>
[2024-05-21 21:45:27.639][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>
[2024-05-21 21:45:27.640][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-STARTTLS<CRLF>
[2024-05-21 21:45:27.640][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-STARTTLS<CRLF>250-8BITMIME<CRLF>
[2024-05-21 21:45:27.640][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-STARTTLS<CRLF>250-8BITMIME<CRLF>250-BINARYMIME<CRLF>
[2024-05-21 21:45:27.640][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-STARTTLS<CRLF>250-8BITMIME<CRLF>250-BINARYMIME<CRLF>250-CHUNKING<CRLF>
[2024-05-21 21:45:27.640][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-STARTTLS<CRLF>250-8BITMIME<CRLF>250-BINARYMIME<CRLF>250-CHUNKING<CRLF>250 SMTPUTF8<CRLF>
[2024-05-21 21:45:27.641][lettre::transport::smtp::client::async_connection][DEBUG] server SY1PEPF000066C5.mail.protection.outlook.com with {StartTls, EightBitMime, SmtpUtfEight}
[2024-05-21 21:45:27.641][lettre::transport::smtp::client::async_connection][DEBUG] Wrote: STARTTLS<CRLF>
[2024-05-21 21:45:27.655][lettre::transport::smtp::client::async_connection][DEBUG] << 220 2.0.0 SMTP server ready<CRLF>
[2024-05-21 21:45:27.692][lettre::transport::smtp::client::async_connection][DEBUG] connection encrypted
[2024-05-21 21:45:27.693][lettre::transport::smtp::client::async_connection][DEBUG] Wrote: EHLO 8b8eb3e42219<CRLF>
[2024-05-21 21:45:27.724][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>
[2024-05-21 21:45:27.724][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>
[2024-05-21 21:45:27.725][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>
[2024-05-21 21:45:27.725][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>
[2024-05-21 21:45:27.725][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>
[2024-05-21 21:45:27.725][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-8BITMIME<CRLF>
[2024-05-21 21:45:27.726][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-8BITMIME<CRLF>250-BINARYMIME<CRLF>
[2024-05-21 21:45:27.726][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-8BITMIME<CRLF>250-BINARYMIME<CRLF>250-CHUNKING<CRLF>
[2024-05-21 21:45:27.726][lettre::transport::smtp::client::async_connection][DEBUG] << 250-SY1PEPF000066C5.mail.protection.outlook.com Hello [*.*.*.*]<CRLF>250-SIZE 157286400<CRLF>250-PIPELINING<CRLF>250-DSN<CRLF>250-ENHANCEDSTATUSCODES<CRLF>250-8BITMIME<CRLF>250-BINARYMIME<CRLF>250-CHUNKING<CRLF>250 SMTPUTF8<CRLF>
[2024-05-21 21:45:27.727][vaultwarden::mail][DEBUG] SMTP client error: lettre::transport::smtp::Error {
    kind: Client,
    source: "No compatible authentication mechanism was found",
}
[2024-05-21 21:45:27.727][vaultwarden::mail][ERROR] SMTP client error: internal client error: No compatible authentication mechanism was found
[2024-05-21 21:45:27.729][response][INFO] (test_smtp) POST /admin/test/smtp => 400 Bad Request
[2024-05-21 21:45:29.217][request][INFO] GET /alive
[2024-05-21 21:45:29.218][response][INFO] (alive) GET /alive => 200 OK

McHenry · May 23, 2024, 9:36pm

I have performed a reinstall and now the error message is more specific.

vaultwarden  | [2024-05-23 21:19:10.107][request][INFO] POST /admin/config
vaultwarden  | [2024-05-23 21:19:10.107][vaultwarden::config][ERROR] Both `SMTP_USERNAME` and `SMTP_PASSWORD` need to be set to enable email authentication without `USE_SENDMAIL`
vaultwarden  | [2024-05-23 21:19:10.108][response][INFO] (post_config) POST /admin/config => 400 Bad Request

As the O365 email relay does not use a password it looks like I need to use sendmail.

Does this sound correct or should VW work without an email password?

bokkabonga · May 24, 2024, 1:07pm

I use M365 to send my Vaultwarden mails, but i simply created a shared mailbox and entered the credentials. If thats something that you don´t wan´t to do you will have to configure an incoming connector in the Exchange Online Admincenter.

I did so for a local postfix relay to resolve local LDAP-Groups. Without configuring the incoming connector i don´t think you will get this to work.

Topic		Replies	Views
Vaultwarden Office365 SMTP Relay Configuration Help	4	260	April 17, 2024
Synology/SMTP Unable to send email Help	5	3035	March 2, 2022
Test SMTP Email Settings	21	31014	February 18, 2024
Unable to get SMTP function to work Help	30	3220	September 19, 2022
SMTP does not work Help	1	1228	August 18, 2022

Relay emails through MS365

Related Topics