7

I'm trying to configure monit to send emails through Office365. Here's the relevant configuration:

set mailserver smtp.office365.com port 587 username "username" password "password" using tlsv1 with timeout 30 seconds

Unfortunately, it doesn't work. Here's the relevant error from /var/log/monit.log:

[PST Feb 27 06:40:48] error : Sendmail error: 534-5.7.9 Please log in with your web browser and then try again. Learn more at

(Yes, the error is truncated.)

The credentials are correct - I've successfully used them to log in to Office 365/Outlook. I've also used this account to send mail through a Rails app, so I'm assuming the configuration issue is on Monit's end, and not Microsoft's.

It seems someone ran into a similar roadbump here. While I can't find any documentation confirming that Monit supports TLS v1.1, I'd be surprised if it didn't (the spec is 8 years old now).

Is there something I'm missing?

nsxt
  • 71
  • 1
  • 2
  • Are you sending from the O365 email address too? Did you follow the technet article on this? http://technet.microsoft.com/en-us/library/dn554323.aspx – TheCleaner Feb 27 '14 at 20:51
  • I am, and yes, I followed that article. That's how I got Rails to send email properly. – nsxt Feb 27 '14 at 21:42
  • OK, I could have helped on the O365 side, but you are probably right then that the issue is with Monit. For instance: http://stackoverflow.com/questions/22013679/monit-not-send-alert-message-and-give-error-alert-handler-failed-retry-schedu seems to have the same issue but probably not with O365. – TheCleaner Feb 27 '14 at 21:46
  • Well, after having changed nothing, here's a slightly different error: "[PST Feb 27 13:49:07] error : Sendmail error: 504 5.7.4 Unrecognized authentication type" Sounds like that's more O365-related... – nsxt Feb 27 '14 at 21:51

3 Answers3

1

"504 5.7.4 Unrecognized authentication type" is a response to your request. It means you are requesting access via an authentication type that is not supported by the connection.

I am not familiar with MONIT - so I can't help with the configuration completely but review these configuration items:

  1. Be sure that the FROM in the message is the same as the account you are logging in as.
  2. Check the Authentication type directly that is also being passed. If your configuration shows AUTH LOGIN Try to change that to AUTH BASIC.
  3. O365 supports TLS 1.0, 1.1, and 1.2 - however, you must also be sure you have the proper cipher suites enabled that are supported by O365 or a connection will not be made. See here for supported cipher suites: https://technet.microsoft.com/en-us/library/mt163898.aspx To find what you are using or trying to use - you need to do a packet trace - which will show you which protocol you are using, version, and the cipher suite (or if you are not using a compatible one). Use something like WireShark to get this info. All OSes will have a default set of cipher suites enabled - but will let you enable others as well as change the order they are attempted.
Jesus Shelby
  • 1,284
  • 9
  • 14
0

I had success with TLS 1.2. Like this:

set mailserver smtp.office365.com port 587
    username "username" password "password"
    using tlsv12
    with timeout 30 seconds
SET TLS options{VERSION: AUTO}
SMich
  • 1
-2

"set smtp-use-starttls" in /etc/mail.rc