Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1193908

Summary: Ignores GOA (gnome-online-accounts) configuration regarding SMTP AUTH
Product: Red Hat Enterprise Linux 7 Reporter: Grega Bremec <gregab>
Component: evolution-data-serverAssignee: Matthew Barnes <mbarnes>
Status: CLOSED DUPLICATE QA Contact: Desktop QE <desktop-qa-list>
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.1CC: mbarnes, mcrha, vbenes
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-05-05 15:36:33 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
evolution-data-server-3.8.5-goa-smtp-auth.patch none

Description Grega Bremec 2015-02-18 14:34:46 UTC 
Description of problem:
Setting up IMAP/SMTP accounts in GOA works for IMAP, but when trying to send an e-mail through the assigned SMTP server, SMTP AUTH is not used regardless of the fact it is required by GOA, resulting in bounced messages.

Version-Release number of selected component (if applicable):
gnome-online-accounts-3.8.5-14.el7.x86_64

How reproducible:
Always.

Steps to Reproduce:
1. configure GOA IMAP/SMTP account with an SSL-enabled SMTP server requiring authentication
2. try to send e-mails
3. observe bounce

Actual results:
Feb 18 14:50:56 woodstock sendmail[6360]: STARTTLS=server, relay=a.b.c.d [a.b.c.d], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES128-SHA, bits=128/128
Feb 18 14:50:58 woodstock sendmail[6360]: t1IDohCL006360: ruleset=check_rcpt, arg1=<xxxxxxxxx>, relay=a.b.c.d [a.b.c.d], reject=550 5.7.1 <xxxxxxxxx>... Relaying denied due to policy in effect.

Expected results:
Feb 18 14:47:55 woodstock sendmail[6303]: STARTTLS=server, relay=a.b.c.d [a.b.c.d], version=TLSv1/SSLv3, verify=NO, cipher=AES128-SHA, bits=128/128
Feb 18 14:47:56 woodstock sendmail[6303]: AUTH=server, relay=a.b.c.d [a.b.c.d], authid=gregab, mech=PLAIN, bits=0

Additional info:
Relevant ~/.config/goa-1.0/accounts.conf content:
[Account account_1424113194]
Provider=imap_smtp
Identity=gregab
PresentationIdentity=gregab
Enabled=true
EmailAddress=gregab
Name=Grega Bremec
ImapHost=p0f.net
ImapUserName=gregab
ImapUseSsl=true
ImapUseTls=false
ImapAcceptSslErrors=true
SmtpHost=p0f.net
SmtpUseAuth=true
SmtpUserName=gregab
SmtpUseSsl=true
SmtpUseTls=false
SmtpAcceptSslErrors=true
Comment 2 Milan Crha 2015-02-19 07:17:17 UTC 
Thanks for a bug report. I guess this will need to backport the below upstream patches:

 - https://git.gnome.org/browse/evolution-data-server/commit/?id=f3575e798878
 - https://git.gnome.org/browse/evolution-data-server/commit/?id=462a170ff99b
 - https://git.gnome.org/browse/evolution-data-server/commit/?id=44160d305887
 - https://git.gnome.org/browse/evolution-data-server/commit/?id=e2bda892fd36

Even the last patch requires GOA 3.11.5 and newer to be fully used.
Comment 3 Milan Crha 2015-02-19 07:58:41 UTC 
Created attachment 993453 [details]
evolution-data-server-3.8.5-goa-smtp-auth.patch

A patch, which contains all the above commits at once.
Comment 4 Milan Crha 2015-02-19 12:31:59 UTC 
I made a test build with the above patch included at [1]. Feel free to install it and check out whether the fix works. You might restart the machine (or re-login) after it's installed.

[1] https://people.gnome.org/~mcrha/rh1193908/
Comment 5 Grega Bremec 2015-02-19 14:56:07 UTC 
Perfect, Milan, this works like a charm. :) Thanks a lot for the *very* quick response and solution.
Comment 6 Grega Bremec 2015-03-02 07:28:36 UTC 
After about two weeks of testing the proposed fix, there is now another problem with Gmail that pops up instead of the original one.

Upon sending a message using a GOA-configured Gmail account, I get an error message from Evolution saying:

"An error occurred while sending. How do you want to proceed?"
"The reported error was "Bad authentication response from server."

I have previously been able to use Gmail normally (at least as far as I can remember), but if you want me to, I can revert the package to the original RHEL 7.1 beta version and test.
Comment 7 Milan Crha 2015-03-04 07:50:01 UTC 
(In reply to Grega Bremec from comment #6)
> Upon sending a message using a GOA-configured Gmail account, I get an error
> message from Evolution saying:
> 
> "An error occurred while sending. How do you want to proceed?"
> "The reported error was "Bad authentication response from server."

Thanks for the update. The GOA configured account uses OAuth(/OAuth2) authentication, with the token taken from GOA. These tokens can expire, though I do not know for how long they are given. Could you open Online Accounts in Settings to see whether it doesn't claim an expired token error there, please?

Also, could you run evolution from a terminal as follows:
   $ CAMEL_DEBUG=smtp evolution
and then reproduce the error, please? It'll show what was sent and what was received when trying to send the message, which may give more detailed error description.
Comment 8 Grega Bremec 2015-03-05 08:32:11 UTC 
Hi, Milan, thanks for the quick update.

Upon checking, everything seems OK in the GOA control panel applet (no errors, I also tried checking off "Use google for: mail" and then back on again, no complaints).

The result of CAMEL_DEBUG=smtp is fairly terse and does not really reveal anything except the client works as it should if it were a normal SMTP client (so no OAuth here, apparently):

sending : EHLO [192.168.144.140]
sending : STARTTLS
sending : EHLO [192.168.144.140]
sending : AUTH PLAIN base64encodedusernameandpassword=

Immediately after this, I get the "Bad authentication response from server." error.

When using openssl s_client to connect directly to port 465 of 173.194.65.108 (smtp.gmail.com, it won't accept connections to 25/tcp), I obviously got a rejection from Gmail because I use app-specific passwords (which I can not specify in GOA).
Comment 10 Milan Crha 2015-05-05 15:36:33 UTC 
I just realized that this fix is already included in 3.12.11, to which the evolution packages will be rebased for RHEL 7.2, thus I'm marking this as a duplicate of the rebase bug.

*** This bug has been marked as a duplicate of bug 1174414 ***