Hello everyone,
opnoense (our version is 17.7.6-amd64, but I guess other versions are also affected) seems to use always "PLAIN" Authentication mechanism.
If the E-Mail-Server does not support "PLAIN", E-Mail-Notifications will fail - typically with "Authentication mechanism not supported".
Now - guess what ... Exchange does support plaintext-logins when configured correctly, but only using the method "LOGIN" ...
The culprit is in File /usr/local/etc/inc/notices.inc:
// Use SMTP Auth if fields are filled out
if($config['notifications']['smtp']['username'] &&
$config['notifications']['smtp']['password']) {
$smtp->authentication_mechanism = "PLAIN";
$smtp->user = $config['notifications']['smtp']['username'];
$smtp->password = $config['notifications']['smtp']['password'];
if I change this line to
$smtp->authentication_mechanism = "LOGIN";
I can send e-mail-notifications via "smtp.office365.com" port 587 and the option "Enable STARTTLS". But I guess this will break Notifications for other mailservers.
See also:
https://forum.pfsense.org/index.php?topic=72015.0
Best regards,
rum
Hi Rum,
Are all your final recipients on Exchange? I just send notifications to TCP 25 without bothering to authenticate.
Bart...
Agree with Bart
Is just a warning and no need to authenticate or encrypt the connection
Just use your isp smtp server to send the warning.