Forum OpenACS Q&A: Re: Sending Emails via SMTP port 587

Collapse
17: Re: Sending Emails via SMTP port 587 (response to 1)
Posted by Tyge Cawthon on 03/28/25 01:59 AM

Gustaf,

Thank you very much.

I was making simple mistakes. Example. I kept using port 25 as this was the default in the config file and in the ACS Mail Services Lite. I did not realize when you used port 2525, you met port 2525, not port 25. My misunderstanding.

Here is my summary. I hope this can help others.

Configuration to redirect emails to an external email server

  1. $smtpdport must be 2525
  2. ns_param address must be 127.0.0.1
  3. IDs using @ must be replace with %40

Do NOT use [SquareBrackets] in your password. see Square Bracket Note below

GUI Changes ACS Mail Services Lite

  1. Section Rollout Support field EmailDeliveryMode must be nssmtpd
  2. Section Smpt field SMTPPort must be 2525
  3. Leave all other default field values "as is".

Square Bracket Note:

  1. A square bracket that is escaped with a \ is considered as a literal square bracket.
  2. A square bracket within braces is not modified during the substitution phase.

TCL code below is valid. However, since NaviServer uses { } the square brackets are not modified.

  1. set d [subst -nocom -noback {88(pass)[word]+}]
  2. set d "88(pass)[word]+"

Example:

ns_section "ns/server/${server}/module/nssmtpd" {
   ns_param port $smtpdport
   ns_param address 127.0.0.1
   ns_param relay plain://Username%40Hostname.com:PwdWithNO[SquareBrackets]@smtp.hostname.com:587
....

Note: There should be no space between the @ and smtp.hostname.com:587

Thank you again for all the help. I hope someday I can return the favor.

Collapse
18: Re: Sending Emails via SMTP port 587 (response to 17)
Posted by Gustaf Neumann on 03/28/25 12:38 PM

Great to hear that it works!

A few comments to your notes:

  • the configuration file is a Tcl script. So all Tcl-substitution rules apply. This is why you can set/use Tcl variables there.
  • As mentioned before, the "userinfo" part of URL has to be percent-encoded (RFC 3207). This applies not only to the "@" sign, but also to other funny characters, which are not allowed in the userinfo. To be on the safe side, one can use NaviServer's ns_urlencode (using here square braces for demonstration purposes; the oauth1 encoding requirements are quite strict): 
    set credentials {webmaster@celtic-arts.org:xyz+[PWD]}
    set userinfo [ns_urlencode -part oauth1 $credentials]
    ns_param relay plain://$userinfo@smtp.celtic-arts.org:587
  • Be cautious when embedding credentials in configuration files. To protect sensitive information, restrict file permissions for the configuration file, verify user permissions on the host machine, or consider using environment variables or reading credentials from a secured file. Keep in mind that arbitrary Tcl commands can be executed from within the configuration file.

all the best
-g