hMailServer and Sendgrid
hMailServer and Sendgrid
Hello all.
I use Sendgrid for SMTP. I received this email stating that they would no longer support basic user name and password. Here is that message:
Secure Your SendGrid Account With API Keys and Two-Factor Authentication (2FA) Twilio SendGrid will soon begin enforcing API Key authentication for all API requests and Two-Factor Authentication upon login. We have begun reaching out to customers to upgrade to API Keys where applicable, and to enable 2FA on their SendGrid accounts using SMS or Authy.
How am I to handle this from within hMailServer.
Thank you
I use Sendgrid for SMTP. I received this email stating that they would no longer support basic user name and password. Here is that message:
Secure Your SendGrid Account With API Keys and Two-Factor Authentication (2FA) Twilio SendGrid will soon begin enforcing API Key authentication for all API requests and Two-Factor Authentication upon login. We have begun reaching out to customers to upgrade to API Keys where applicable, and to enable 2FA on their SendGrid accounts using SMS or Authy.
How am I to handle this from within hMailServer.
Thank you
Re: hMailServer and Sendgrid
don't think that you can
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
https://www.hmailserver.com/documentation
- jimimaseye
- Moderator
- Posts: 10060
- Joined: 2011-09-08 17:48
Re: hMailServer and Sendgrid
The api key is what you use to connect and send from hmailserver (ie the user name) . That message only says it is now going to authenticate it. ("enforcing API Key authentication for all API requests").
This seems they may be just authenticating at time of creation.
I don't think this is should be a problem or anything to worry about.
[Entered by mobile. Excuse my spelling.]
This seems they may be just authenticating at time of creation.
I don't think this is should be a problem or anything to worry about.
[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829
Re: hMailServer and Sendgrid
SMS should do the trick. Get a code, type it in... Easy peasy.
Re: hMailServer and Sendgrid
If sendgrid offers SMS as a 2FA method, you make your request for new keys, they send you a text with a one time code, you use the code to validate the 2FA form. Then you get your new keys. Just like when you log in to your bank website from a new computer/browser/etc. They send a code to your phone via SMS, you validate with the code.
Re: hMailServer and Sendgrid
One of their suggestions was that I use a mobile app called Authy. Which I did. I'm still not sure what I am supposed to enter into the Username and Password fields in hMailServer. Is it the name of the newly created API key and it's corresponding key value as password. Or, do I keep using my email address and password that I was using originally.palinka wrote: ↑2020-10-20 15:37If sendgrid offers SMS as a 2FA method, you make your request for new keys, they send you a text with a one time code, you use the code to validate the 2FA form. Then you get your new keys. Just like when you log in to your bank website from a new computer/browser/etc. They send a code to your phone via SMS, you validate with the code.
If I keep using the email address / password combination the email message is not sent and I receive this error message:
Error Type: SMTP
Remote server (167.89.115.117) issued an error.
hMailServer sent: <Password removed>
Remote server replied: 535 Authentication failed: Basic authentication is not allowed with 2FA enabled. To fix, see https://sendgrid.com/docs/for-developer ... entication
And the hMailServer log basically states the same:
Received: 535 Authentication failed: Basic authentication is not allowed with 2FA enabled.
Re: hMailServer and Sendgrid
have you read this ?peterbata wrote: ↑2020-10-20 15:49One of their suggestions was that I use a mobile app called Authy. Which I did. I'm still not sure what I am supposed to enter into the Username and Password fields in hMailServer. Is it the name of the newly created API key and it's corresponding key value as password. Or, do I keep using my email address and password that I was using originally.palinka wrote: ↑2020-10-20 15:37If sendgrid offers SMS as a 2FA method, you make your request for new keys, they send you a text with a one time code, you use the code to validate the 2FA form. Then you get your new keys. Just like when you log in to your bank website from a new computer/browser/etc. They send a code to your phone via SMS, you validate with the code.
If I keep using the email address / password combination the email message is not sent and I receive this error message:
Error Type: SMTP
Remote server (167.89.115.117) issued an error.
hMailServer sent: <Password removed>
Remote server replied: 535 Authentication failed: Basic authentication is not allowed with 2FA enabled. To fix, see https://sendgrid.com/docs/for-developer ... entication
And the hMailServer log basically states the same:
Received: 535 Authentication failed: Basic authentication is not allowed with 2FA enabled.
https://sendgrid.com/docs/for-developer ... rted-smtp/
roughly:
"Create a SendGrid API key on the API Keys page."
"Convert your API key to Base64"
"when authenticating use the API username encoded in Base64. Everyone's username is apikey, which is YXBpa2V5 in Base64."
"Enter your Base64 converted API key as the password."
lets cheat darwin out of his legacy, find a cure for cancer...
Re: hMailServer and Sendgrid
Ahhh... Sorry, I thought the api key was only for the control panel stuff.
They're requiring everyone script an email client. That's probably not a big deal for marketers. hMailServer is not a solution for this API. It looks like they're phasing out smtp relaying altogether.
https://sendgrid.com/blog/web-api-or-sm ... your-mail/
This is old, but it shows the direction they're going.
Here's instructions on disabling 2FA: https://sendgrid.com/docs/ui/account-an ... entication
If you're using sendgrid for general relaying (not marketing), I suggest you find a different relay. Anyway, sendgrid is full of spammers. Messages relayed through sendgrid often end up on my ban list or cause false positive bans. Of all the major relays, they're the worst. Even amazon handles spam/reputation better.
They're requiring everyone script an email client. That's probably not a big deal for marketers. hMailServer is not a solution for this API. It looks like they're phasing out smtp relaying altogether.
https://sendgrid.com/blog/web-api-or-sm ... your-mail/
This is old, but it shows the direction they're going.
Here's instructions on disabling 2FA: https://sendgrid.com/docs/ui/account-an ... entication
If you're using sendgrid for general relaying (not marketing), I suggest you find a different relay. Anyway, sendgrid is full of spammers. Messages relayed through sendgrid often end up on my ban list or cause false positive bans. Of all the major relays, they're the worst. Even amazon handles spam/reputation better.
Re: hMailServer and Sendgrid
Good find. They don't make it easy.johang wrote: ↑2020-10-20 16:26have you read this ?
https://sendgrid.com/docs/for-developer ... rted-smtp/
roughly:
"Create a SendGrid API key on the API Keys page."
"Convert your API key to Base64"
"when authenticating use the API username encoded in Base64. Everyone's username is apikey, which is YXBpa2V5 in Base64."
"Enter your Base64 converted API key as the password."
I'd still dump sendgrid on spam/reputation grounds.
Re: hMailServer and Sendgrid
Thanks everyone. I really do appreciate your time and assistance. Have yourselves a safe and wonderful day?
Re: hMailServer and Sendgrid
This was the response to a support ticket that I submitted on Sendgrid:
Forgot to mention that the key and username encryption are optional, they are encrypted in the documentation for security purposes, some email clients might not like encrypted passwords/usernames so you can paste any generated API key under it's original format "SG......etc"
Forgot to mention that the key and username encryption are optional, they are encrypted in the documentation for security purposes, some email clients might not like encrypted passwords/usernames so you can paste any generated API key under it's original format "SG......etc"
-
- Senior user
- Posts: 837
- Joined: 2016-12-08 02:21
Re: hMailServer and Sendgrid
Anyone have any recommendations for alternative service providers? Anyone have experience with Sendinblue?
- jimimaseye
- Moderator
- Posts: 10060
- Joined: 2011-09-08 17:48
Re: hMailServer and Sendgrid
Current users shouldn't worry about changing if they are happy with their service. I'm not sure why its suggested that they are aiming to move away from smtp. I've read the link provided and it says nothing of the sort beyond 'we prefer the api because it's quicker and more reliable'. After all, it's a mail sending service and mail sending is born from smtp.
[Entered by mobile. Excuse my spelling.]
[Entered by mobile. Excuse my spelling.]
5.7 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829
Re: hMailServer and Sendgrid
You are absolutely right. I have been in touch with a gentleman in support and not once did he say that they were doing away with SMTP. By the way, I couldn't believe how quick he was in responding to my inquiries. I'm amazed. Thanks for chiming in @jimimaseyejimimaseye wrote: ↑2020-10-20 21:49Current users shouldn't worry about changing if they are happy with their service. I'm not sure why its suggested that they are aiming to move away from smtp. I've read the link provided and it says nothing of the sort beyond 'we prefer the api because it's quicker and more reliable'. After all, it's a mail sending service and mail sending is born from smtp.
[Entered by mobile. Excuse my spelling.]
Re: hMailServer and Sendgrid
Well... If 2FA is done like on Facebook it could work...
Every time I connect to Facebook on a new device I get a push notification asking if it is me... Nothing happens until I confirm. Once confirmed it stays active until deleted from list of "authorised" devices.
Every time I connect to Facebook on a new device I get a push notification asking if it is me... Nothing happens until I confirm. Once confirmed it stays active until deleted from list of "authorised" devices.
SørenR.
Woke is Marxism advancing through Maoist cultural revolution.
Woke is Marxism advancing through Maoist cultural revolution.