Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43178

“Unregistered user” warning skipping addresses under inappropriate conditions

      Security patch broke it. If configured email is not attached to a know user fails to send email with

       Not sending mail to unregistered user xxx@example.com

       turns out it wasn't what I thought but keeping open as so many people have added similar issues

          [JENKINS-43178] “Unregistered user” warning skipping addresses under inappropriate conditions

          David van Laatum created issue -
          David van Laatum made changes -
          Description Original: Security patch broke it.

           

           
          New: Security patch broke it. If configured email is not attached to a know user fails to send email with

           Not sending mail to unregistered user xxx@example.com

           
          David van Laatum made changes -
          Link New: This issue relates to SECURITY-372 [ SECURITY-372 ]
          Kendall Trego made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Kendall Trego made changes -
          Status Original: In Progress [ 3 ] New: Open [ 1 ]

          René Scheibe added a comment -

          I am seeing the same issue since the plugin upgrade from v2.57 to v2.57.1.

          Scenario: User "xxx" is registered on the Jenkins instance with email "xxx@example.com".

          Log contains: "Not sending mail to unregistered user xxx@example.com"

          René Scheibe added a comment - I am seeing the same issue since the plugin upgrade from v2.57 to v2.57.1. Scenario: User "xxx" is registered on the Jenkins instance with email "xxx@example.com". Log contains: "Not sending mail to unregistered user xxx@example.com"
          C made changes -
          Comment [ -Setting -Dhudson.tasks.MailSender.SEND_TO_UNKNOWN_USERS=true also seems to have no impact.-

           Setting hudson.tasks.MailSender.SEND_TO_USERS_WITHOUT_READ=true also seems to have no impact.  I set this using the script console and later builds did not seem to pick it up.  
          {code:java}
          System.setProperty("hudson.tasks.MailSender.SEND_TO_USERS_WITHOUT_READ", "true"){code}
            ]

          Moshe Zvi added a comment -

          @Rene: I'm not sure this is "fixable", since that was the whole point of the security fix.

          There's a workaround here: https://wiki.jenkins-ci.org/display/JENKINS/Email-ext+plugin#Email-extplugin-2.57.1%28March20%2C2017%29

           Personally, I'd like for it to be configurable from the GUI, rather than from the system properties.

           

          Moshe Zvi added a comment - @Rene: I'm not sure this is "fixable", since that was the whole point of the security fix. There's a workaround here: https://wiki.jenkins-ci.org/display/JENKINS/Email-ext+plugin#Email-extplugin-2.57.1%28March20%2C2017%29  Personally, I'd like for it to be configurable from the GUI, rather than from the system properties.  

          jpschewe added a comment -

          moshe_zvi: I understand the security fix to be to not send email to people that we don't expect to send email to. However if I goto People on my Jenkins system and then click on myself I have my email address in there. I have a job setup to send to that email address. However I'm getting the error "Not sending mail to unregistered user ...". What is the definition of a "registered user"? My access control security realm is set to "Unix user/group database".

          jpschewe added a comment - moshe_zvi : I understand the security fix to be to not send email to people that we don't expect to send email to. However if I goto People on my Jenkins system and then click on myself I have my email address in there. I have a job setup to send to that email address. However I'm getting the error "Not sending mail to unregistered user ...". What is the definition of a "registered user"? My access control security realm is set to "Unix user/group database".

          Moshe Zvi added a comment -

          Go to Manage Jenkins > Configure System, and scroll down to Extended E-mail Notification.

          Did you put 'example.com' in Default user E-mail suffix? I think that's what resolves it. 

          Although I'm not sure - it could actually be the other way around.

          Moshe Zvi added a comment - Go to Manage Jenkins > Configure System , and scroll down to Extended E-mail Notification. Did you put 'example.com' in Default user E-mail suffix? I think that's what resolves it.  Although I'm not sure - it could actually be the other way around.

            Unassigned Unassigned
            davidvanlaatum David van Laatum
            Votes:
            33 Vote for this issue
            Watchers:
            40 Start watching this issue

              Created:
              Updated: