-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
Windows 7 platform (64 bit). Jenkins version 2.88. Oracle JRE 8.0_151, running Jenkins directly, using Chrome web browser (62.0.3202.89).
mailer plugin (1.20)
I have scoured the internet for solutions to this particular issue, but none of the suggested solutions solves the problem. I have also looked at the same issues raised here in the Jenkins Jira.
The smtp.office365.com site is using TLS on port 587.
This is what has been attempted to date. In Jenkins System Configuration for E-mail Notification. The MyName@mydomain.com represents a valid user in the mailing system.
(Invalid user or password results in Authentication error instead of what is reported below)
1. User Name: MyName@mydomain.com Password: ••••••••••••• Use SSL: Checked SMTP Port: 587 Test e-mail recipient: MyName@mydomain.com Results: Failed to send out e-mail javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? When 'Use SSL' is unchecked, results are Failed to send out e-mail com.sun.mail.smtp.SMTPSendFailedException: \ 550 5.7.60 SMTP; Client does not have permissions to send as this sender 2. Placing -Dmail.smtp.starttls.enable=true into jenkins.xml then restart Jenkins. User Name: MyName@mydomain.com Password: ••••••••••••• Use SSL: Checked (then unchecked) SMTP Port: 587 Test e-mail recipient: MyName@mydomain.com
This gives the identical results mentioned in the first testing attempt.
As mentioned on Stack OverFlow and the Jenkins Jira issues, I have even added the following to jenkins.xml with the same results.
-Djava.awt.headless=true -Dmail.smtp.starttls.enable=true -Dmail.smtp.socketFactory.fallback=true
Note, on this same machine, I can use a Powershell Send-MailMessage command which succeeds in its intended operation. This at least tells me that the account, port and SSL usage are all appropriate settings. ($mycred holds MyName@mydomain.com and Password)
Send-MailMessage -to "MyName@mydomain.com" -from "MyName@mydomain.com" -Subject "mailTest" -credential $mycred -smtpserver smtp.office365.com -port 587 -usessl
After a weeks worth of experimentation, frustration and reading, the problem can be solved without code modification, but this is truly an annoyance of poor documentation (making users wade through countless different web sites to glean out what is truly needed), and perhaps poor user interface.
The solution to this particular problem, on the Windows platform, requires modification of the jenkins.xml file (adding -Dmail.smtp.starttls.enable=true to the java "arguments" XML node) and settings within two areas of the Jenkins overall configuration, at the "Jenkins Location" section and the "E-mail Notification" section (see enclosed attachments).
For TLS (Transport Layer Security) to work on smtp.office365.com, the additional following settings must be part of the Jenkins configuration (select Manage Jenkins>Configure System).
It is IMPORTANT to note that BOTH the "E-mail Notification" section User Name AND the "Jenkins Location" section System Admin e-mail address must be valid smtp.office365.com users. If either one is not found in smtp.office365.com, you will get a "Client does not have permissions to send as this sender" error, but won't know which one is causing the problem. (Now why would one expect the System Admin e-mail address to be involved in this transaction when the focus is on the E-mail Notification User for SMTP Authentication? Coding defect perhaps?)
It is also important that the "Use SSL" element is UNCHECKED (SSL is not TLS, even though some programming references confuse the matter). If "Use SSL" is checked, the error "Unrecognized SSL message, plaintext connection?" will be generated.
--------------------------------------------------------------
Improving the Mailer plugin interface would go a long way to avoiding this general frustration.
First, the User Name under SMTP Authentication should be the sole entry which represents the "From" field (owner) of the message. That is, it should override the usage the System Admin e-mail address. Perhaps, when the User Name field is empty, it should contain 'hint' text of what is to be used (eg. System Admin e-mail, or the actual value of that entry). A help circle explaining the default contents of the field would be useful too, telling the user where the contents of the field is being obtained.
Second, replace the "Use SSL" checkbox with a "Security Protocol" dropDown/comboBox with the choices of SSL and TLS (spelled out perhaps too). The selection of SSL would modify the "Port" entry to the standard default of 465. The selection of TLS would modify the "Port" entry to the standard default of 587. (The "Port" field would still be able to be manually modified.) If placing values into "Port" field is not palatable, certainly explain which default port will be used for which protocol in help documentation.
These changes would keep the users out of hacking at the java command line.