Expand my Community achievements bar.

TLS support in Day CQ Mail Service

Avatar

Level 1
Level 1
3/17/16 10:08:04 AM

Hi,

I need to configure email notifications for certain events, like content creation, rollout and activation. We have to use an office365 smtp server configured to use TLS to send the email.

I have configured the Mail Service to use this SMTP server but only see an option for using SSL and not TLS. I tried using SSL but it didn't work - "a sending error occurred: {}"

(As others have noted, the error logs are very confusing - when SSL is selected the log reports that attempt is made to connect on port 25, even though port is set to 587)

Is there a way to use this service with a TLS SMTP server? Is there a later version available that would work? We are are on AEM6.0 SP2.

 

Thanks!

Views

4.8K

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
4 Replies

Avatar

Level 10
Level 10
3/17/16 10:34:39 AM

"I have configured the Mail Service to use this SMTP server but only see an option for using SSL and not TLS."

Looks like ootb Mail service does not support this.

 https://docs.adobe.com/docs/en/aem/6-1/administer/operations/notification.html

Because ootb mail service does not support this- then write a custom AEM service that uses Java MAIL API to do this. Java Mail API supports this: 

http://stackoverflow.com/questions/411331/using-javamail-with-tls

See this community article on how to write a custom service with Java Mail API: 

https://helpx.adobe.com/experience-manager/using/creating-custom-cq-email-services.html

Its wrapping Java Mail API in an OSGi bundle. If you want options - then you can use OSGi configuration options. That would let you set values such as SMTP Mail server without re-compiling the bundle. 

Views

3.5K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
3/17/16 11:11:36 AM
In response to smacdonald2008

thanks very much for the quick reply

I think I'll investigate sourcing an SSL server first, then investigate the custom service option if necessary.

thanks

Views

3.5K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
3/23/16 10:17:18 AM
In response to bretto1110495

just as an update, I managed to send email from the out of the box service using the TLS SMTP server and this proxy: https://www.stunnel.org/index.html

So far, used in dev only but I think this will do the job.

I would still be keen to hear of any real world experiences of using stunnel.

Views

3.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
3/20/18 9:45:34 AM

I got stuck with similar issue where we need to enable TLS and found a workaround for it. Thought to share it.

Approach: Override CQ Mail Service with small change to enable TLS.

Download Java Decompiler and extract cq-mailer jar. You will find the DefaultMailService file.

Copy this file and add it your project along with other service implementation files. Change the package name to match your package structure and also rename the component title to 'Project Mail Service'

Add new property to the implementation named Enable TLS. Change the send(email) method to read the TLS configuration and use email.setTLS(tlsValue) or setStartTLSEnabled(boolean startTlsEnabled) method as mentioned at Apache Commons Email 1.6-SNAPSHOT API.

At the end, you would see two components in system/console/components. You can disable Day CQ Mail Service using ACS Commons ComponentDisabler so that your project Mail Service takes priority.

Hope this is helpful!

Views

3.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate