Adobe Experience Manager Sites & More

deepikapatel · 5/1/25

Hi Everyone,

I am working on custom work and need to send and email for approval. We are using ootb email configs. com.day.cq.mailer.DefaultMailService.cfg.json

{
    "smtp.host": "$[env:PROJECT_SMTP_HOST]",
    "smtp.port": "30465",
    "smtp.user": "$[env:EMAIL_USERNAME]",
    "smtp.password": "$[secret:EMAIL_PASSWORD]",
    "from.address": "noreply@domain.com",
    "smtp.ssl": true,
    "smtp.starttls": false,
    "smtp.requiretls": false,
    "debug.email": false,
    "oauth.flow": false
}

We have changed the smtp.host variable name to "PROJECT_SMTP_HOST" as mentioned in adobe document that

$[env:AEM_PROXY_HOST] is a reserved variable that AEM as a Cloud Service maps to the internal proxy.tunnel host.
Do NOT attempt to set the AEM_PROXY_HOST via Cloud Manager.

We have also enabled the port forwards and egress and whitelisting of IP.

Still getting the connection timeout.

rks1108 · 5/5/25

Your connection timeout is most likely related to the use of the smtp.host variable and network configuration in AEM as a Cloud Service. Here is a step-by-step guide with key pointers from internal knowledge and documentation:

1. Use AEM’s Internal Proxy Host Variable - AEMasaCloudService

You must NOT set a custom variable for the host unless you have specialized networking. The required and supported way to configure this for Cloud Service uses the internal proxy variable:

"smtp.host": "$[env:AEM_PROXY_HOST;default=proxy.tunnel]"

This is internally mapped to your chosen SMTP destination during advanced networking/port forwarding. Your custom variable PROJECT_SMTP_HOST will not be recognized by the proxy/tunnel networking AEM expects, and connection will not work.

Source: "Configure the smtp.host OSGi parameter using the variable $[env:AEM_PROXY_HOST;default=proxy.tunnel]. This is internally mapped."

2. Port Forwarding Must Match OSGi smtp.port Field

In your config, you set "smtp.port": "30465". This value needs to match the "portOrig" you use in the Cloud Manager port forwarding configuration for your SMTP service.

Example (for SMTP over 465):

"portForwards": [
  { "name": "smtp.sendgrid.net", "portDest": 465, "portOrig": 30465 }
]

Then, "smtp.port" in OSGi is 30465, NOT 465 or any custom value.

Source: “Set the smtp.port to match the original port that aligns with the port forwarding rule established in Cloud Manager.”

3. Advanced Networking Requirements

Just enabling port forward/egress is not enough: your Cloud Manager networking config must map the proxy port ("portOrig") to your SMTP server and port ("portDest"). This allows the service to tunnel through Adobe Cloud Service’s restricted egress layer.

Source: “Only HTTP and HTTPS ports are open by default in AEMaaCS, which may hinder SMTP connections. Configure advanced networking to permit egress through the required SMTP ports.

4. Debug and Logs

Enable "debug.email": true in your config and check AEM logs for which hostname and port are being used at runtime. If you see "proxy.tunnel" or "AEM_PROXY_HOST" resolved to something unexpected or if you see a connection timeout to a private IP, this is a clear sign of misconfiguration in these two fields.

5. Avoid Reserved Variable Names and Inconsistent Naming

You should not use custom environment variable names (like "PROJECT_SMTP_HOST") for host mapping in Cloud Service. Adobe Cloud Service expects "AEM_PROXY_HOST" in the SMTP config to correctly route mail out.

Example of a Working OSGi Email Config:

{
  "smtp.host": "$[env:AEM_PROXY_HOST;default=proxy.tunnel]",
  "smtp.port": "30465",
  "smtp.user": "$[env:EMAIL_USERNAME]",
  "smtp.password": "$[secret:EMAIL_PASSWORD]",
  "from.address": "noreply@domain.com",
  "smtp.ssl": true,
  "smtp.starttls": false,
  "smtp.requiretls": false,
  "debug.email": true,
  "oauth.flow": false
}

View solution in original post

muskaanchandwani · 5/1/25

@deepikapatel could you share the complete Error Stack Trace?

AmitVishwakarma · 5/1/25

Hi @deepikapatel ,

The SMTP connection timeout in AEM as a Cloud Service usually happens due to one or more of the following issues — and from your config and setup.

1. Correct SMTP Configuration File

You're using com.day.cq.mailer.DefaultMailService.cfg.json — that's correct.

Double-check:

{
  "smtp.host": "$[env:PROJECT_SMTP_HOST]",
  "smtp.port": "30465",
  "smtp.user": "$[env:EMAIL_USERNAME]",
  "smtp.password": "$[secret:EMAIL_PASSWORD]",
  "from.address": "noreply@domain.com",
  "smtp.ssl": true,
  "smtp.starttls": false,
  "smtp.requiretls": false,
  "debug.email": false
}

Confirm:

$[env:PROJECT_SMTP_HOST] is set in Cloud Manager pipeline variables.

$[secret:EMAIL_PASSWORD] is a secret variable (under secrets, not regular env vars).

2. Port and Host Egress Configuration

In AEM as a Cloud Service:

All outbound traffic (SMTP included) must go through the Adobe I/O Runtime (proxy tunnel).

You cannot directly hit any external SMTP server unless egress IPs are allowlisted on your SMTP server side, and the egress rule is added to Adobe.

Make sure:

You've submitted an Adobe support ticket with:

SMTP hostname

SMTP port

Protocol (SSL vs STARTTLS)

Destination IP

Reason for egress

If this isn't done, your request will time out at firewall.

3. SMTP Server Compatibility

Some SMTP services (like Microsoft 365, Gmail SMTP) block connections unless:

They’re explicitly configured to allow relay from specific IPs.

The login protocol matches (e.g., TLS vs SSL).

The authentication method is accepted (some require OAuth now).

Try switching smtp.ssl and smtp.starttls depending on your server's requirements:

For SSL:
smtp.ssl=true, smtp.starttls=false

For STARTTLS:
smtp.ssl=false, smtp.starttls=true

Also verify the port matches your protocol (e.g., 465 for SSL, 587 for STARTTLS).

4. Debugging

Add:

"debug.email": true

...to your config temporarily. This will log SMTP connection activity in your logs (not password), and can reveal handshake failures, auth issues, or DNS problems.

Then go to:

AEM Runtime Logs (via Cloud Manager)

Look under error.log or stdout.log for SMTP debug lines

5. Custom Java Code

If using Java to trigger the email, make sure:

Message message = new MimeMessage(session);
message.setRecipients(Message.RecipientType.TO, InternetAddress.parse("someone@example.com"));
message.setSubject("Approval Required");
message.setText("Please approve the request.");
Transport.send(message); // This will hit the config above

Make sure you're not overriding the SMTP config programmatically unless you explicitly intend to.

Regards,
Amit

lavishvasuja · 5/1/25

Hi @deepikapatel ,

It looks like there might be an issue with the SMTP proxy tunnel on port 30465.

Can you please check with the Adobe team to confirm:

Is the SMTP proxy tunnel to port 30465 active and correctly routed for the PROJECT_SMTP_HOST environment variable?"

Regards,
Lavish Vasuja

rks1108 · 5/5/25

Your connection timeout is most likely related to the use of the smtp.host variable and network configuration in AEM as a Cloud Service. Here is a step-by-step guide with key pointers from internal knowledge and documentation:

1. Use AEM’s Internal Proxy Host Variable - AEMasaCloudService

You must NOT set a custom variable for the host unless you have specialized networking. The required and supported way to configure this for Cloud Service uses the internal proxy variable:

"smtp.host": "$[env:AEM_PROXY_HOST;default=proxy.tunnel]"

This is internally mapped to your chosen SMTP destination during advanced networking/port forwarding. Your custom variable PROJECT_SMTP_HOST will not be recognized by the proxy/tunnel networking AEM expects, and connection will not work.

Source: "Configure the smtp.host OSGi parameter using the variable $[env:AEM_PROXY_HOST;default=proxy.tunnel]. This is internally mapped."

2. Port Forwarding Must Match OSGi smtp.port Field

In your config, you set "smtp.port": "30465". This value needs to match the "portOrig" you use in the Cloud Manager port forwarding configuration for your SMTP service.

Example (for SMTP over 465):

"portForwards": [
  { "name": "smtp.sendgrid.net", "portDest": 465, "portOrig": 30465 }
]

Then, "smtp.port" in OSGi is 30465, NOT 465 or any custom value.

Source: “Set the smtp.port to match the original port that aligns with the port forwarding rule established in Cloud Manager.”

3. Advanced Networking Requirements

Just enabling port forward/egress is not enough: your Cloud Manager networking config must map the proxy port ("portOrig") to your SMTP server and port ("portDest"). This allows the service to tunnel through Adobe Cloud Service’s restricted egress layer.

Source: “Only HTTP and HTTPS ports are open by default in AEMaaCS, which may hinder SMTP connections. Configure advanced networking to permit egress through the required SMTP ports.

4. Debug and Logs

Enable "debug.email": true in your config and check AEM logs for which hostname and port are being used at runtime. If you see "proxy.tunnel" or "AEM_PROXY_HOST" resolved to something unexpected or if you see a connection timeout to a private IP, this is a clear sign of misconfiguration in these two fields.

5. Avoid Reserved Variable Names and Inconsistent Naming

You should not use custom environment variable names (like "PROJECT_SMTP_HOST") for host mapping in Cloud Service. Adobe Cloud Service expects "AEM_PROXY_HOST" in the SMTP config to correctly route mail out.

Example of a Working OSGi Email Config:

{
  "smtp.host": "$[env:AEM_PROXY_HOST;default=proxy.tunnel]",
  "smtp.port": "30465",
  "smtp.user": "$[env:EMAIL_USERNAME]",
  "smtp.password": "$[secret:EMAIL_PASSWORD]",
  "from.address": "noreply@domain.com",
  "smtp.ssl": true,
  "smtp.starttls": false,
  "smtp.requiretls": false,
  "debug.email": true,
  "oauth.flow": false
}

Adobe Experience Manager Sites & More

SMTP connection time out issue in AEM as cloud.

1. Use AEM’s Internal Proxy Host Variable - AEMasaCloudService

2. Port Forwarding Must Match OSGi smtp.port Field

3. Advanced Networking Requirements

4. Debug and Logs

5. Avoid Reserved Variable Names and Inconsistent Naming

Example of a Working OSGi Email Config:

1. Use AEM’s Internal Proxy Host Variable - AEMasaCloudService

2. Port Forwarding Must Match OSGi smtp.port Field

3. Advanced Networking Requirements

4. Debug and Logs

5. Avoid Reserved Variable Names and Inconsistent Naming

Example of a Working OSGi Email Config:

Learn

Documentation

Events

Community

Support

Resources

Adobe account

Adobe