SMTP not working

Help
1

Hello everybody,

I am really new to Vautlwarden, in fact, password managers for that matter. I find that a working SMTP, it’s a must for one(might be wrong).
Anyway, I have an alpine-vaultwarden container on a Proxmox host that apart from the SMTP thingy works fine and snappy.

What is strange is the fact I do not seem to find these exact symptoms online.

Here is a photo of the error I got when trying to test the functionality of the SMTP configuration:

Capture d’écran 2023-03-24 à 22.01.40
Capture d’écran 2023-03-24 à 22.01.40898×222 19.1 KB

If I try to send an invitation to a mail address, i get this in the acces.log:

[2023-03-24 20:42:34.526][vaultwarden::mail][ERROR] SMTP timeout error: Connection error: connection timed out
[2023-03-24 20:43:05.375][vaultwarden::mail][ERROR] SMTP timeout error: Connection error: connection timed out
[2023-03-24 20:44:08.445][vaultwarden::mail][ERROR] SMTP timeout error: Connection error: connection timed out

And here is my Suport String:

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v
  • Web-vault version: v2022.12.0
  • Running within Docker: false (Base: Alpine)
  • Environment settings overridden: true
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Database type: SQLite
  • Database version: 3.39.2
  • Clients used:
  • Reverse proxy and version:
  • Other relevant information:

Config (Generated via diagnostics page)

Show Running Config

Environment settings which are overridden: ADMIN_TOKEN

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": false,
  "_enable_smtp": true,
  "_enable_yubico": false,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_smtp_img_src": "https://auth.cabivr.net/vw_static/",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "/var/lib/vaultwarden/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "/var/lib/vaultwarden",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "*******************************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://***************",
  "domain_origin": "*****://***************",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "/var/lib/vaultwarden/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "/var/lib/vaultwarden/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sends_allowed": true,
  "sends_folder": "/var/lib/vaultwarden/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": false,
  "smtp_explicit_tls": null,
  "smtp_from": "*******************",
  "smtp_from_name": "vaultwarden",
  "smtp_host": "***************",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "*******************",
  "templates_folder": "/var/lib/vaultwarden/templates",
  "tmp_folder": "/var/lib/vaultwarden/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "/var/lib/vaultwarden/web-vault",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": false,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}
2

Vaultwarden isn’t able to connect to the smtp server for some reason. That is at least what the message is telling me.

Are you able to connect to that mail server manually?
Something like

nc -vz mail.host.tld 587
4

Hey,
Thanks for your reply.
It does connect, yes:

nc -vz  smtp.gmail.com 587
smtp.gmail.com ([2a00:1450:4013:c08::6c]:587) open
5

And what about

docker exec -it vaultwarden nc -w5 -vz smtp.gmail.com 587

Because if that works, or should work for Vaultwarden also, unless you made a typo somewhere.

6

This is a Proxmox LXC container actually, so the first command was made in the container and not on the host.
Here is the result for the second try:

alpine-vaultwarden:~# nc -w5 -vz smtp.gmail.com 587
smtp.gmail.com ([2a00:1450:400c:c00::6c]:587) open
7

Strange. Then i have no clue why it is not working.
You could try to enable trace logging and smtp_debug and see if that provides some info.

Other then that, i have no clue.

8

Gmail uses specific security measures and configurations for third-party applications. Here are some additional steps to troubleshoot SMTP settings for Gmail:

  1. Allow less secure apps: For sending emails through Gmail SMTP from any third-party app, you have to enable the setting “Less secure app access.” You can do this from the Google Account settings here. Note that this option is only available for accounts that do not have 2-step verification enabled. If 2-step verification is enabled, you will need to generate and use an App password (see next point).
  2. Use App Password: If you have 2-step verification enabled, you will have to generate an App Password and use that instead of your regular password. You can generate an App Password here. The App Password will have to be used in the smtp_password setting.
  3. Unlock CAPTCHA: Sometimes Google may block sign-in attempts from new locations or devices. You can unlock it using this link.
  4. SMTP Server: Ensure the SMTP server is set to smtp.gmail.com.
  5. SMTP Port: For Gmail, you can also try using port 465 with smtp_security set to ssl, which is another configuration Gmail supports for SMTP.

Remember to restart your Vaultwarden instance after making these changes.

9

Hello,
Thanks for your reply, I actually found the problem, a week or so after this post and I forgot to mention it.
I had a space in the smtp_password variable, once that was corrected, all went fine.