starred/lldap-lldap
1
0
Fork 0
mirror of https://github.com/lldap/lldap.git synced 2026-04-25 08:15:52 +03:00
Code Issues 101 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #520] smtp without authentication configured stills tries to authenticate #190

New issue
Closed
opened 2026-02-27 08:15:47 +03:00 by kerem · 2 comments
kerem commented 2026-02-27 08:15:47 +03:00
Owner
Copy link

Originally created by @leanderjanssen on GitHub (Apr 3, 2023).
Original GitHub issue: https://github.com/lldap/lldap/issues/520

I've tried to configure lldap to use smtp without authentication, by removing both the user and password parameters from the [smtp_options] section.

This are the smtp options I've configured:

[smtp_options]
enable_password_reset=true
server="smtp.<snip>.net"
port=587
smtp_encryption="STARTTLS"
from="LLDAP Admin <lldap@<snip>.net>"
reply_to="Do not reply <lldap@<snip>.net>"

But when trying the initiate a password reset lldap still tries to start an authenticated smtp session.

lldap    | 2023-04-03T18:21:29.732179549+00:00  DEBUG    │  ┝━ 🐛 [debug]: Sending email to 'leander@<snip>.net' as 'LLDAP Admin <lldap@v<snip>.net>' via 'admin'@'smtp.<snip>.net':'587'

This debug output also shows its trying to use the admin user. This doesn't seem right when trying to do an unauthenticated smtp session.

lldap    | 2023-04-03T18:21:32.062651465+00:00  WARN     │  ┝━ 🚧 [warn]: Error sending email: lettre::transport::smtp::Error {
lldap    |     kind: Permanent(
lldap    |         Code {
lldap    |             severity: PermanentNegativeCompletion,
lldap    |             category: Unspecified3,
lldap    |             detail: Five,
lldap    |         },
lldap    |     ),
lldap    |     source: "5.7.8 Error: authentication failed: ",
lldap    | }

Here is also some logging from the smtp server:

Apr 03 18:21:29 smtp postfix/submission/smtpd[4381]: Anonymous TLS connection established from unknown[2001:<snip>:a32]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
Apr 03 18:21:32 smtp postfix/submission/smtpd[4381]: warning: unknown[2001:<snip>:a32]: SASL PLAIN authentication failed:
Apr 03 18:21:32 smtp postfix/submission/smtpd[4381]: lost connection after AUTH from unknown[2001:<snip>:a32]
Apr 03 18:21:32 smtp postfix/submission/smtpd[4381]: disconnect from unknown[2001:<snip>:a32] ehlo=2 starttls=1 auth=0/1 commands=3/4

Used lldap version: 0.4.2 (docker image nitnelave/lldap:latest-alpine)

Originally created by @leanderjanssen on GitHub (Apr 3, 2023). Original GitHub issue: https://github.com/lldap/lldap/issues/520 I've tried to configure lldap to use smtp without authentication, by removing both the `user` and `password` parameters from the `[smtp_options]` section. This are the smtp options I've configured: ``` [smtp_options] enable_password_reset=true server="smtp.<snip>.net" port=587 smtp_encryption="STARTTLS" from="LLDAP Admin <lldap@<snip>.net>" reply_to="Do not reply <lldap@<snip>.net>" ``` But when trying the initiate a password reset lldap still tries to start an authenticated smtp session. ``` lldap | 2023-04-03T18:21:29.732179549+00:00 DEBUG │ ┝━ 🐛 [debug]: Sending email to 'leander@<snip>.net' as 'LLDAP Admin <lldap@v<snip>.net>' via 'admin'@'smtp.<snip>.net':'587' ``` This debug output also shows its trying to use the `admin` user. This doesn't seem right when trying to do an unauthenticated smtp session. ``` lldap | 2023-04-03T18:21:32.062651465+00:00 WARN │ ┝━ 🚧 [warn]: Error sending email: lettre::transport::smtp::Error { lldap | kind: Permanent( lldap | Code { lldap | severity: PermanentNegativeCompletion, lldap | category: Unspecified3, lldap | detail: Five, lldap | }, lldap | ), lldap | source: "5.7.8 Error: authentication failed: ", lldap | } ``` Here is also some logging from the smtp server: ``` Apr 03 18:21:29 smtp postfix/submission/smtpd[4381]: Anonymous TLS connection established from unknown[2001:<snip>:a32]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 Apr 03 18:21:32 smtp postfix/submission/smtpd[4381]: warning: unknown[2001:<snip>:a32]: SASL PLAIN authentication failed: Apr 03 18:21:32 smtp postfix/submission/smtpd[4381]: lost connection after AUTH from unknown[2001:<snip>:a32] Apr 03 18:21:32 smtp postfix/submission/smtpd[4381]: disconnect from unknown[2001:<snip>:a32] ehlo=2 starttls=1 auth=0/1 commands=3/4 ``` Used lldap version: 0.4.2 (docker image nitnelave/lldap:latest-alpine)
kerem closed this issue 2026-02-27 08:15:47 +03:00
kerem commented 2026-02-27 08:15:48 +03:00
Author
Owner
Copy link

@nitnelave commented on GitHub (Apr 3, 2023):

From the error message, the email sender sees the smtp.user as "admin", so it tries to authenticate.

You can double check the configuration by starting LLDAP in verbose mode, it will start by dumping the config to the logs.

There are 4 places where the flag can come from: the config file, the command line, the environment variables, and the defaults.

In this case, the value comes from the defaults (and you could argue that it's a bug).

I'll make a note to change that, but in the meantime you can solve your problem by adding a user: "" to your SMTP configuration.

<!-- gh-comment-id:1494913572 --> @nitnelave commented on GitHub (Apr 3, 2023): From the error message, the email sender sees the smtp.user as "admin", so it tries to authenticate. You can double check the configuration by starting LLDAP in verbose mode, it will start by dumping the config to the logs. There are 4 places where the flag can come from: the config file, the command line, the environment variables, and the defaults. In this case, the value comes from the defaults (and you could argue that it's a bug). I'll make a note to change that, but in the meantime you can solve your problem by adding a `user: ""` to your SMTP configuration.
kerem commented 2026-02-27 08:15:48 +03:00
Author
Owner
Copy link

@leanderjanssen commented on GitHub (Apr 3, 2023):

I'll make a note to change that, but in the meantime you can solve your problem by adding a user: "" to your SMTP configuration.

Great, that indeed fixes the issue. Thanks.

<!-- gh-comment-id:1494929285 --> @leanderjanssen commented on GitHub (Apr 3, 2023): > I'll make a note to change that, but in the meantime you can solve your problem by adding a `user: ""` to your SMTP configuration. Great, that indeed fixes the issue. Thanks.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dependabot/github_actions/codecov/codecov-action-6
copilot/fix-equality-filters-list-attributes
dependabot/github_actions/docker/build-push-action-7
dependabot/github_actions/docker/metadata-action-6
dependabot/github_actions/docker/setup-buildx-action-4
dependabot/github_actions/docker/login-action-4
copilot/update-download-artifact-action
copilot/fix-opensuse-warnings
copilot/fix-1268
copilot/fix-727
copilot/fix-898
copilot/fix-1256
copilot/fix-1251
copilot/fix-1249
copilot/fix-1206
user-attribute-form
user-ui
group-ui
server-user-attribute-schema
crates
haveibeenpwned
v0.6.2
v0.6.1
v0.6.0
v0.5.0
v0.4.3
v0.4.2
v0.4.1
v0.4.0
v0.3.0
v0.2.0
v0.0.1
Labels
Clear labels   
backend

   
blocked

   
bug

   
cleanup

   
dependencies

   
docker

   
documentation

   
duplicate

   
enhancement

   
enhancement

   
frontend

   
github_actions

   
good first issue

   
help wanted

   
help wanted

   
integration

   
invalid

   
ldap

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
rust

   
rust

   
tests

   
wontfix
No labels
backend
blocked
bug
cleanup
dependencies
docker
documentation
duplicate
enhancement
enhancement
frontend
github_actions
good first issue
help wanted
help wanted
integration
invalid
ldap
pull-request
question
rust
rust
tests
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/lldap-lldap#190
No description provided.