• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Email Notifications not working with Special Characters in Password

Scheduled Pinned Locked Moved General pfSense Questions
14 Posts 4 Posters 1.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    mr.rosh
    last edited by mr.rosh Jul 28, 2021, 10:21 PM Jul 28, 2021, 10:21 PM

    I have tested this and confirmed with two different gmail accouts.

    1. account has a ! is password. This account fails with testing;
    Could not send the message to user@domain.com -- Error: PLAIN authentication failure [SMTP: Invalid response code received from server (code: 535, response: 5.7.8 Username and Password not accepted. Learn more at 5.7.8 https://support.google.com/mail/?p=BadCredentials y2sm1046183pfe.146 - gsmtp)]
    
    1. account has no special characters. This account works fine as
    SMTP testing e-mail successfully sent
    

    therefore quite clearly, passwords with special characters are not getting parsed accordingly. Could it be a bug?

    P 1 Reply Last reply Jul 29, 2021, 12:47 PM Reply Quote 0
    • P
      provels @mr.rosh
      last edited by Jul 29, 2021, 12:47 PM

      @mr-rosh
      Maybe related to the auth bug in DDNS . I had to remove an '@' sign from my No-IP PW to make it work. I guess there's a patch for that. Maybe a similar line edit is needed here.

      https://github.com/pfsense/pfsense/commit/4aab19d4ade5d164c22bd63b2833d54bab740d59#diff-bcf28745a76c16f378252ea678d7f1caca21c59cabc46f026ff8391c01c9ddea

      Peder

      MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
      BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

      M 1 Reply Last reply Jul 31, 2021, 11:24 AM Reply Quote 0
      • M
        mr.rosh @provels
        last edited by Jul 31, 2021, 11:24 AM

        @provels i am not using DDNS at all.

        J 1 Reply Last reply Jul 31, 2021, 11:28 AM Reply Quote 0
        • J
          johnpoz LAYER 8 Global Moderator @mr.rosh
          last edited by johnpoz Jul 31, 2021, 11:28 AM Jul 31, 2021, 11:28 AM

          @mr-rosh he wasn't saying you were - what he is pointing out is there is sim issue with @ in that password. So the reason your email password isn't working is prob related to the same sort of issue.

          He was linking to the patch to fix the ddns pasword issue, sim sort of edit to the email password stuff might correct the problem.

          You using or not using ddns doesn't mean the issue are not related to the parsing or handling of special characters in the password.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

          M 1 Reply Last reply Aug 1, 2021, 9:25 AM Reply Quote 1
          • M
            mr.rosh @johnpoz
            last edited by mr.rosh Aug 1, 2021, 9:25 AM Aug 1, 2021, 9:25 AM

            @johnpoz and @provels

            pardon my ignorance for not fully understanding comments earlier.

            I have an "!" and "$" character's in password.

            hopefully this is resolved in future releases.

            1 Reply Last reply Reply Quote 0
            • S
              stephenw10 Netgate Administrator
              last edited by Aug 1, 2021, 1:50 PM

              Open a bug report if it's easy to reproduce: https://redmine.pfsense.org
              I don't see anything open there currently that would cover this.

              Steve

              M 1 Reply Last reply Aug 5, 2021, 1:58 AM Reply Quote 0
              • M
                mr.rosh @stephenw10
                last edited by Aug 5, 2021, 1:58 AM

                @stephenw10 Issue #12211 created.

                J 1 Reply Last reply Aug 5, 2021, 4:22 AM Reply Quote 0
                • J
                  johnpoz LAYER 8 Global Moderator @mr.rosh
                  last edited by johnpoz Aug 5, 2021, 4:29 AM Aug 5, 2021, 4:22 AM

                  So you had this setup before? And it broke with upgrade?

                  Do you have 2fa turn on with your gmail?

                  If so you can not use normal passwords and need to create a app password... Which I have never seen use special characters..

                  https://support.google.com/mail/answer/185833?hl=en-GB

                  I have had such a password setup for pfsense since 2016..

                  I find it unlikely that there is a bug - and maybe configuration error with gmail security. For a normal gmail password to work, you would have to have 2fa not enabled in your google account. If you had it on - then it could return such an error.

                  Would seem that many people would be using gmail with their notification, and would also assume in this day and age they would have special characters in it.. I would love to try and duplicate your problem. But don't feel going through the hassle of disable 2fa, just to turn it back on, etc. But the generated app passwords do not use special characters - they are 16 characters that are generated by google - with no real way to edit the characters set that I am aware of.

                  It would also be a bad security choice to not have 2fa enable on your gmail..

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                  M 1 Reply Last reply Aug 5, 2021, 9:05 PM Reply Quote 0
                  • M
                    mr.rosh @johnpoz
                    last edited by Aug 5, 2021, 9:05 PM

                    @johnpoz I have Gmail email that I use for notifications on other devices and IoT. they are working fine with an account that has special character in the password.

                    It only doesn't work in pfsense. So it's surely pointing towards pfsense.

                    J 1 Reply Last reply Aug 5, 2021, 9:20 PM Reply Quote 0
                    • J
                      johnpoz LAYER 8 Global Moderator @mr.rosh
                      last edited by johnpoz Aug 5, 2021, 9:24 PM Aug 5, 2021, 9:20 PM

                      Why do you not just setup app password? Are you saying you do not have 2fa setup on your gmail account?

                      Pretty much every guide and how to all over the net for setting up notification using gmail, says to use app password.. Because 2fa enabled should be the default.

                      I have my gmail account used for many things - all using app passwords..

                      I also recall something where you had to hit save before testing, or it wouldn't use the current password you put in? Not sure if that has changed in more recent versions. Like I said looking up my app passwords the one I setup for pfsense was last done in 2016.. Have never had to redo it in pfsense because even on clean installs I just restore my config, etc.

                      If there was some bug in parsing special characters for the email password - wouldn't you think there would be a lot of people complaining about it? Lots of people use gmail, lots of people use other email servers.. Lots of people use special characters in their email ;)

                      But if you search for setting up pfsense with gmail - everyone I found says to use app passwords ;) Which don't have special characters in them.

                      Are you actually hitting the save button before you test?

                      Here see this thread about the save button which isn't that old
                      https://forum.netgate.com/topic/151153/system-advanced-notifications-e-mail-smtp-notification-e-mail-auth-password-not-updating/4

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                      M 1 Reply Last reply Aug 9, 2021, 2:29 AM Reply Quote 0
                      • M
                        mr.rosh @johnpoz
                        last edited by Aug 9, 2021, 2:29 AM

                        @johnpoz Lets take google out of the picture.

                        What we use some other email product and password enforcements are strict on the environment? nad has special character's in password, what then.

                        issue remains!

                        J 1 Reply Last reply Aug 9, 2021, 12:03 PM Reply Quote 0
                        • J
                          johnpoz LAYER 8 Global Moderator @mr.rosh
                          last edited by johnpoz Aug 9, 2021, 12:41 PM Aug 9, 2021, 12:03 PM

                          Your not using this other email now are you?? If so it would work - not working with google, does not mean that special characters do not work..

                          Here I set my notification to use one of my other domains smtp server, using a very strong password I just set

                          "XPL!Fx7$vJNWJ2QPowG@uJ"

                          3 different special characters in it - works just fine.

                          test.jpg

                          Now I have to go back and create a new app password so I can use gmail again.. But that was much easier then turning off 2fa auth, etc. and trying it with gmail, etc..

                          An intelligent man is sometimes forced to be drunk to spend time with his fools
                          If you get confused: Listen to the Music Play
                          Please don't Chat/PM me for help, unless mod related
                          SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                          1 Reply Last reply Reply Quote 0
                          • S
                            stephenw10 Netgate Administrator
                            last edited by Aug 9, 2021, 12:38 PM

                            Mmm, I've failed to replicate that here too for a generic connection. Unless you're setting something else at the same time as that perhaps?

                            Steve

                            J 1 Reply Last reply Aug 9, 2021, 12:44 PM Reply Quote 0
                            • J
                              johnpoz LAYER 8 Global Moderator @stephenw10
                              last edited by Aug 9, 2021, 12:44 PM

                              Yeah gmail is a bit special - can you get it to work without 2fa? Maybe?? Don't know, don't care - have had 2fa on since like 2014, and I was late to the party ;)

                              But just tested this with one of play domains, no 2fa - just your typical smtp server over 587 works just fine.. So clearly pfsense is parsing special characters in the password. And his issue is most likely do to the special requirements of gmail.

                              An intelligent man is sometimes forced to be drunk to spend time with his fools
                              If you get confused: Listen to the Music Play
                              Please don't Chat/PM me for help, unless mod related
                              SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                              1 Reply Last reply Reply Quote 0
                              14 out of 14
                              • First post
                                14/14
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                This community forum collects and processes your personal information.
                                consent.not_received