Any clues on SMTP auth issues with gmail?

Self-Hosted | v5
1

There’s an older thread here about folks having auth issues setting up SMTP to work with Google/Gmail. I followed the suggestions there, but am still unable to auth against Google… I hope someone who has worked through this can spot something wrong with my setup.

This is my last step before sending out my first invoice. :slight_smile:

My self-hosted instance is using the latest docker-compose stuff on Mac OS.

I’ve created an “app password” in the Google MFA control panel, and put it in my env as follows:

# Mail options
MAIL_MAILER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=<me-here>@gmail.com
MAIL_PASSWORD=<MYAPPPASS-HERE>
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS='[email protected]'
MAIL_FROM_NAME='Raymond Peck'

I ran php artisan optimize in the app container, and restarted the container, but I’m still getting an auth failure from Google. Does anyone have a clue? This is in the logs:

System failed to email invoice
2023-07-04
127.0.0.1
Failed to authenticate on SMTP server with username "[email protected]" using the following authenticators: "LOGIN", "PLAIN", "XOAUTH2". Authenticator "LOGIN" returned "Expected response code "235" but got code "535", with message "535-5.7.8 Username and Password not accepted. Learn more at 535 5.7.8 https://support.google.com/mail/?p=BadCredentials k6-20020aa78206000000b0063b898b3502sm16028019pfi.153 - gsmtp".". Authenticator "PLAIN" returned "Expected response code "235" but got code "535", with message "535-5.7.8 Username and Password not accepted. Learn more at 535 5.7.8 https://support.google.com/mail/?p=BadCredentials k6-20020aa78206000000b0063b898b3502sm16028019pfi.153 - gsmtp".". Authenticator "XOAUTH2" returned "Expected response code "235" but got code "334", with message "334 eyJzdGF0dXMiOiI0MDAiLCJzY2hlbWVzIjoiQmVhcmVyIiwic2NvcGUiOiJodHRwczovL21haWwuZ29vZ2xlLmNvbS8ifQ==".".

BTW, it sure would be swell if the React UI had 1. timestamps in the log, and 2. a button to refresh the log.

:slight_smile:

THANKS for any clues!

2

Hi,

Maybe the info here will help:

3

Yeah, I already went through all that. “Enabling less secure apps” is no longer supported. The current supported method is “application-specific password”, which is what I did.

You go into your MFA config for your Google account, and there’s a way there to create a 16-character password for a specific application. That’s what you put as the value of MAIL_PASSWORD.

I got it working, mostly. Yay! There were two issues I worked through, and one I didn’t yet:

  1. When you first use the 16-character app password, Google will send you a verification. It won’t work until you verify (and retry your first email). They sent me an email that got buried. You can also verify by going to the Security admin in your Google account, to the app password section you used to create the app password, and verify it there. Don’t know why they didn’t push an alert to my Pixel phone… :frowning:
  2. I opened a terminal in my app container, and found that the env info hadn’t been updated from the file (% printenv). I had been stopping/starting the containers with Docker Desktop, which seems to do something different from the cli. I instead did docker compose down && docker compose up -d, and saw that the password change was now in the environment. At that point, sending email worked! Woo!

The unresolved issue:

  1. The app container is running out of memory and restarting. I tried adding a deploy.resources section to the docker-compose.yml, but that doesn’t seem to have had an effect. Any clue how to bump the ram limit for the app container?
2023-07-05 13:22:13 PHP Fatal error:  Allowed memory size of 134217728 bytes exhausted (tried to allocate 9917000 bytes) in /var/www/app/vendor/laravel/framework/src/Illuminate/Mail/Events/MessageSent.php on line 70
2023-07-05 13:22:13 
2023-07-05 13:22:13 In MessageSent.php line 70:
2023-07-05 13:22:13                                                                                
2023-07-05 13:22:13   Allowed memory size of 134217728 bytes exhausted (tried to allocate 9917000  
2023-07-05 13:22:13    bytes)
4

Glad to hear it, thanks for the update!

@david do you have any suggestions for the memory issue?

1 Like
5

This is how I tweaked docker-compose.yml:

  app:
    image: invoiceninja/invoiceninja:5
    env_file: env
    restart: always
    volumes:
      - ./config/hosts:/etc/hosts:ro
      - ./docker/app/public:/var/www/app/public:rw,delegated
      - ./docker/app/storage:/var/www/app/storage:rw,delegated
    depends_on:
      - db
    networks:
      - invoiceninja
    extra_hosts:
      - "in5.localhost:192.168.0.124 " #host and ip
    deploy:
      resources:
        limits:
          cpus: '2.0'
          memory: 250M
        reservations:
          cpus: '0.0001'
          memory: 150M
6

I’ve PR’d a change to enable using a php.ini file from the config folder, it isn’t merged yet, however you can use the PR as the basis of the changes needed.

bonus points

If you uncomment the opcache configuration, the application speeds up signfiicantly.

7

Thanks, David!

I gave a quick look, but I’m unclear on whether I’d need to rebuild the Docker container and redeploy in order to add this improvement. Is there an easier way for me to bump the memory limit, with the existing YAML files and other config?

tl;dr: I’d appreciate a clue, so I don’t need to spend time with the codebase. :slight_smile: If not, I can work around; it’s an inconvenience for the container to crash and restart, but it isn’t a showstopper.

Thanks!

8

no need to rebuild the containers, essentially the change just passes a custom php.ini through to the backend

9

Please create password by using below link and use that password in your “app”, believe me your problem will solve because i personally used and tried.

Keep in mind password use without space in your app.

Link for generating password: https://security.google.com/settings/security/apppasswords