Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Secure emails
#1
Do we still need stunnel to send secure emails?

I haven't used the email notifications for some time but since my elk stopped sending emails (again) I thought I would switch my notifications to cqc. Going straight to my email servers isn't working so I thought I would ask.
Thanks
George M
Reply
#2
no .
------------------------------------
Devices I'm phasing out: ISY, NuVo
My vlogs: https://www.youtube.com/c/IVBsHomeAutomation
Reply
#3
Good.
But now I have to try to figure out why it isnt working. I have tried two different email servers that I have account for and they both fail.
Thanks
George M
Reply
#4
They may require some login scheme that we don't understand. You sure you used the right secure port when you set up the e-mail account in CQC?
Dean Roddey
Software Geek Extraordinaire
Reply
#5
It seems like it should be so simple but it is not working.
I have a simple event set up every 2 minutes to send an email:

System::EMail
   P1=Gmail
   P2=xx@xxxxxxxxxxx.net
   P3=EMail Test
   P4=Email test from CQC through gmail

I cant copy the email setup but this is what it contains:

Type is SMTP Secure
Server is smtp.gmail.com
User is my gmail user name
Password is my gmail password
From address is my gmail user name
Port is 465

When I either test it or let it run I get this error:

03/06 18:38:55-CQC, CQCAdmin, StdCmdEngineThr1
{
   CIDSock, CIDSock_StreamSocket.cpp.433, Failed/Not All Data Read, Error: 5014/0/0
   Could not read or write all requested bytes
     <CQCAdmin> CIDNet_SMTPClient.cpp - 733

}

Ideas????
Thanks
George M
Reply
#6
Gmail working fine here, should be port 587, not 465.  Also if you have 2 factor authentication turned on (and you should for account security) you will need a separate application password which is detailed here.
Reply
#7
(03-06-2018, 06:21 PM)batwater Wrote: Gmail working fine here, should be port 587, not 465.  Also if you have 2 factor authentication turned on (and you should for account security) you will need a separate application password which is detailed here.

I thought we were using SSL which is 465. TLS is 587.
Anyway this is an account I just set up for notification only so I do not have two step verification on it yet.

That being said using port 587 give me an authentication error even though the user name and password are correct:

03/06 19:54:20-XPS, CQCAdmin, StdCmdEngineThr3
{
    CIDNet, CIDNet_SMTPClient.cpp.900, Failed/Authority, Error: 5114/0/0
    Mail authentication failed. Reason=5.7.14 <https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=AKgnsbva
      <CQCAdmin> CIDNet_SMTPClient.cpp - 733

}

And port 465 gives me the before mentioned error.
Is CQC using TLS
Is CQC using
Thanks
George M
Reply
#8
I don't think anyone uses SSL anymore. It's been long since proven insecure. So TLS would be the minimum supported most likely, and that's the minimum that CQC supports. Looking up that error it says:

"You need to set the Allow less secure apps: ON, login to google using the account desired, and go to the security page and set the Allow less secure apps to be ON."

Presumably that allows a straight TLS login without some other Googlish stuff that would otherwise be involved.
Dean Roddey
Software Geek Extraordinaire
Reply
#9
That was it. Got it working now.
Thanks to all for input.
Thanks
George M
Reply
#10
The account I am using for CQC is also only for CQC. You really do not want to use the less secure apps as it greatly weakens your account's security. Regardless if it is just an account for processing CQC and/or other application mail it is less secure. Even if you don't set up 2 factor, use the application specific password and it should work. (Unless that function is tied to 2-factor in which case then that is also required)

I have 2 factor authentication turned on, account recovery passwords generated (and saved) and I have an application password set up and it works, it's been working this way since Dean made the mail changes way back when.

</PSA> Call me paranoid perhaps but having real world experience with attempts on gmail accounts being compromised and being saved by having 2-factor authentication turned on it's a no brainer easy security step to take. <End PSA/>
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Secure Websocket whozeawhat 1 472 08-23-2017, 10:03 AM
Last Post: Dean Roddey
  Testing secure e-mail Dean Roddey 5 1,152 12-11-2014, 03:35 PM
Last Post: Dean Roddey
  Elk field "Secure" not available George M 6 897 11-27-2012, 07:51 PM
Last Post: Dean Roddey
  CQC Web Server Secure Authetication Issue wuench 1 1,225 01-03-2009, 04:46 PM
Last Post: zaccari
  Sending emails Hitchcocknz 3 967 12-22-2006, 09:03 PM
Last Post: ToyMaster458

Forum Jump:


Users browsing this thread: 2 Guest(s)