Announcement

Collapse
No announcement yet.

Alert email errors starting a few weeks ago

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Alert email errors starting a few weeks ago

    My email alerts had been working, and abruptly stopped a few weeks ago. I'm guessing it has to do with the SMTP server, but I'm not sure how to trouble shoot. I'm a G Suite customer, so I'm trying to send through Google's smtp relay as described here.

    The stack trace in the server log looks like:
    Code:
    [2017-03-22 18:42:50,899]  ERROR (com.mirth.connect.server.alert.DefaultAlertWorker:183): Error sending alert email.
    org.apache.commons.mail.EmailException: Sending the email to the following server failed : smtp-relay.gmail.com:587
    	at org.apache.commons.mail.Email.sendMimeMessage(Email.java:1401)
    	at org.apache.commons.mail.Email.send(Email.java:1428)
    	at com.mirth.connect.server.util.ServerSMTPConnection.send(ServerSMTPConnection.java:152)
    	at com.mirth.connect.server.util.ServerSMTPConnection.send(ServerSMTPConnection.java:156)
    	at com.mirth.connect.server.util.ServerSMTPConnection.send(ServerSMTPConnection.java:160)
    	at com.mirth.connect.server.alert.AlertWorker$ActionTask.call(AlertWorker.java:181)
    	at com.mirth.connect.server.alert.AlertWorker$ActionTask.call(AlertWorker.java:97)
    	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    	at java.lang.Thread.run(Thread.java:745)Caused by: javax.mail.MessagingException: Could not convert socket to TLS;  nested exception is:
    	javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
    	at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1907)
    	at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:666)
    	at javax.mail.Service.connect(Service.java:345)
    	at javax.mail.Service.connect(Service.java:226)
    	at javax.mail.Service.connect(Service.java:175)
    	at javax.mail.Transport.send0(Transport.java:253)
    	at javax.mail.Transport.send(Transport.java:124)
    	at org.apache.commons.mail.Email.sendMimeMessage(Email.java:1391)
    	... 10 moreCaused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
    	at sun.security.ssl.Handshaker.activate(Handshaker.java:503)
    	at sun.security.ssl.SSLSocketImpl.kickstartHandshake(SSLSocketImpl.java:1482)
    	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1351)
    	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
    	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
    	at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:528)
    	at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:465)
    	at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1902)
    	... 17 more
    The last successful email I received had this in the email header:
    Code:
    Received: from yyy.xxx.com ([ip address])
            by smtp-relay.gmail.com with ESMTPS id y130sm2929788itc.3.2017.03.02.07.16.53
            for <[email protected]>
            (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
            Thu, 02 Mar 2017 07:16:53 -0800 (PST)
    It had been working using port 587/STARTTLS/no authentication. I tried sending test emails today with STARTTLS and SSL on ports 587 and 465. All 4 tests failed.

    A test email from my phone system just worked using port 587 and STARTTLS. The difference in protocol in the email header is (version=TLS1 cipher=AES128-SHA bits=128/128)

    I'm not sure where to go from here.

  • #2
    What are your protocols / cipher suites set to in mirth.properties?
    Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

    Nicholas Rupley
    Work: 949-237-6069
    Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.


    - How do I foo?
    - You just bar.

    Comment


    • #3
      I have not changed the defaults.
      Code:
      https.client.protocols = TLSv1.2
      https.client.protocols = TLSv1.1
      https.server.protocols = TLSv1.2
      https.server.protocols = TLSv1.1
      https.server.protocols = SSLv2Hello
      https.ciphersuites = TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
      https.ciphersuites = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
      https.ciphersuites = TLS_RSA_WITH_AES_256_GCM_SHA384
      https.ciphersuites = TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
      https.ciphersuites = TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
      https.ciphersuites = TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
      https.ciphersuites = TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
      https.ciphersuites = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
      https.ciphersuites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
      https.ciphersuites = TLS_RSA_WITH_AES_128_GCM_SHA256
      https.ciphersuites = TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
      https.ciphersuites = TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
      https.ciphersuites = TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
      https.ciphersuites = TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
      https.ciphersuites = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
      https.ciphersuites = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
      https.ciphersuites = TLS_RSA_WITH_AES_256_CBC_SHA256
      https.ciphersuites = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
      https.ciphersuites = TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
      https.ciphersuites = TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
      https.ciphersuites = TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
      https.ciphersuites = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
      https.ciphersuites = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
      https.ciphersuites = TLS_RSA_WITH_AES_256_CBC_SHA
      https.ciphersuites = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
      https.ciphersuites = TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
      https.ciphersuites = TLS_DHE_RSA_WITH_AES_256_CBC_SHA
      https.ciphersuites = TLS_DHE_DSS_WITH_AES_256_CBC_SHA
      https.ciphersuites = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
      https.ciphersuites = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
      https.ciphersuites = TLS_RSA_WITH_AES_128_CBC_SHA256
      https.ciphersuites = TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
      https.ciphersuites = TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
      https.ciphersuites = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
      https.ciphersuites = TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
      https.ciphersuites = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
      https.ciphersuites = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
      https.ciphersuites = TLS_RSA_WITH_AES_128_CBC_SHA
      https.ciphersuites = TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
      https.ciphersuites = TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
      https.ciphersuites = TLS_DHE_RSA_WITH_AES_128_CBC_SHA
      https.ciphersuites = TLS_DHE_DSS_WITH_AES_128_CBC_SHA
      https.ciphersuites = TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
      https.ciphersuites = TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
      https.ciphersuites = SSL_RSA_WITH_3DES_EDE_CBC_SHA
      https.ciphersuites = TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
      https.ciphersuites = TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
      https.ciphersuites = SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
      https.ciphersuites = SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
      https.ciphersuites = TLS_EMPTY_RENEGOTIATION_INFO_SCSV

      Comment


      • #4
        That looks incorrect, those should be on one line each. What version are you using? It looks like you may have run into MIRTH-3991, which was fixed in 3.4.2.
        Step 1: JAVA CACHE...DID YOU CLEAR ...wait, ding dong the witch is dead?

        Nicholas Rupley
        Work: 949-237-6069
        Always include what Mirth Connect version you're working with. Also include (if applicable) the code you're using and full stacktraces for errors (use CODE tags). Posting your entire channel is helpful as well; make sure to scrub any PHI/passwords first.


        - How do I foo?
        - You just bar.

        Comment


        • #5
          Interesting. I thought it looked strange with multiple assignments for the same setting, but since I had never even opened the mirth.properties file before I assumed it was correct. I'm on version 3.4.1. We did have a "backend storage event" on the server around the time it stopped working, so maybe that triggered the bug.

          I restored mirth.properties from a February backup, and the emails are working now. Thanks!

          Comment

          Working...
          X