Page 1 of 1

hMailServer and Sendgrid

Posted: 2020-10-20 03:13
by peterbata
Hello all.

I use Sendgrid for SMTP. I received this email stating that they would no longer support basic user name and password. Here is that message:

Secure Your SendGrid Account With API Keys and Two-Factor Authentication (2FA) Twilio SendGrid will soon begin enforcing API Key authentication for all API requests and Two-Factor Authentication upon login. We have begun reaching out to customers to upgrade to API Keys where applicable, and to enable 2FA on their SendGrid accounts using SMS or Authy.


How am I to handle this from within hMailServer.

Thank you

Re: hMailServer and Sendgrid

Posted: 2020-10-20 03:18
by mattg
don't think that you can

Re: hMailServer and Sendgrid

Posted: 2020-10-20 09:34
by jimimaseye
The api key is what you use to connect and send from hmailserver (ie the user name) . That message only says it is now going to authenticate it. ("enforcing API Key authentication for all API requests").

This seems they may be just authenticating at time of creation.

I don't think this is should be a problem or anything to worry about.

[Entered by mobile. Excuse my spelling.]

Re: hMailServer and Sendgrid

Posted: 2020-10-20 13:15
by palinka
SMS should do the trick. Get a code, type it in... Easy peasy.

Re: hMailServer and Sendgrid

Posted: 2020-10-20 15:33
by peterbata
palinka wrote:
2020-10-20 13:15
SMS should do the trick. Get a code, type it in... Easy peasy.
I'm sorry but I don't follow you

Re: hMailServer and Sendgrid

Posted: 2020-10-20 15:37
by palinka
peterbata wrote:
2020-10-20 15:33
palinka wrote:
2020-10-20 13:15
SMS should do the trick. Get a code, type it in... Easy peasy.
I'm sorry but I don't follow you
If sendgrid offers SMS as a 2FA method, you make your request for new keys, they send you a text with a one time code, you use the code to validate the 2FA form. Then you get your new keys. Just like when you log in to your bank website from a new computer/browser/etc. They send a code to your phone via SMS, you validate with the code.

Re: hMailServer and Sendgrid

Posted: 2020-10-20 15:49
by peterbata
palinka wrote:
2020-10-20 15:37
peterbata wrote:
2020-10-20 15:33
palinka wrote:
2020-10-20 13:15
SMS should do the trick. Get a code, type it in... Easy peasy.
I'm sorry but I don't follow you
If sendgrid offers SMS as a 2FA method, you make your request for new keys, they send you a text with a one time code, you use the code to validate the 2FA form. Then you get your new keys. Just like when you log in to your bank website from a new computer/browser/etc. They send a code to your phone via SMS, you validate with the code.
One of their suggestions was that I use a mobile app called Authy. Which I did. I'm still not sure what I am supposed to enter into the Username and Password fields in hMailServer. Is it the name of the newly created API key and it's corresponding key value as password. Or, do I keep using my email address and password that I was using originally.

If I keep using the email address / password combination the email message is not sent and I receive this error message:

Error Type: SMTP
Remote server (167.89.115.117) issued an error.
hMailServer sent: <Password removed>
Remote server replied: 535 Authentication failed: Basic authentication is not allowed with 2FA enabled. To fix, see https://sendgrid.com/docs/for-developer ... entication

And the hMailServer log basically states the same:

Received: 535 Authentication failed: Basic authentication is not allowed with 2FA enabled.

Re: hMailServer and Sendgrid

Posted: 2020-10-20 16:26
by johang
peterbata wrote:
2020-10-20 15:49
palinka wrote:
2020-10-20 15:37
peterbata wrote:
2020-10-20 15:33


I'm sorry but I don't follow you
If sendgrid offers SMS as a 2FA method, you make your request for new keys, they send you a text with a one time code, you use the code to validate the 2FA form. Then you get your new keys. Just like when you log in to your bank website from a new computer/browser/etc. They send a code to your phone via SMS, you validate with the code.
One of their suggestions was that I use a mobile app called Authy. Which I did. I'm still not sure what I am supposed to enter into the Username and Password fields in hMailServer. Is it the name of the newly created API key and it's corresponding key value as password. Or, do I keep using my email address and password that I was using originally.

If I keep using the email address / password combination the email message is not sent and I receive this error message:

Error Type: SMTP
Remote server (167.89.115.117) issued an error.
hMailServer sent: <Password removed>
Remote server replied: 535 Authentication failed: Basic authentication is not allowed with 2FA enabled. To fix, see https://sendgrid.com/docs/for-developer ... entication

And the hMailServer log basically states the same:

Received: 535 Authentication failed: Basic authentication is not allowed with 2FA enabled.
have you read this ?
https://sendgrid.com/docs/for-developer ... rted-smtp/

roughly:
"Create a SendGrid API key on the API Keys page."
"Convert your API key to Base64"
"when authenticating use the API username encoded in Base64. Everyone's username is apikey, which is YXBpa2V5 in Base64."
"Enter your Base64 converted API key as the password."

Re: hMailServer and Sendgrid

Posted: 2020-10-20 16:28
by palinka
Ahhh... Sorry, I thought the api key was only for the control panel stuff.

They're requiring everyone script an email client. That's probably not a big deal for marketers. hMailServer is not a solution for this API. It looks like they're phasing out smtp relaying altogether.

https://sendgrid.com/blog/web-api-or-sm ... your-mail/

This is old, but it shows the direction they're going.

Here's instructions on disabling 2FA: https://sendgrid.com/docs/ui/account-an ... entication

If you're using sendgrid for general relaying (not marketing), I suggest you find a different relay. Anyway, sendgrid is full of spammers. Messages relayed through sendgrid often end up on my ban list or cause false positive bans. Of all the major relays, they're the worst. Even amazon handles spam/reputation better.

Re: hMailServer and Sendgrid

Posted: 2020-10-20 16:30
by palinka
johang wrote:
2020-10-20 16:26
have you read this ?
https://sendgrid.com/docs/for-developer ... rted-smtp/

roughly:
"Create a SendGrid API key on the API Keys page."
"Convert your API key to Base64"
"when authenticating use the API username encoded in Base64. Everyone's username is apikey, which is YXBpa2V5 in Base64."
"Enter your Base64 converted API key as the password."
Good find. They don't make it easy.

I'd still dump sendgrid on spam/reputation grounds.

Re: hMailServer and Sendgrid

Posted: 2020-10-20 17:19
by peterbata
Thanks everyone. I really do appreciate your time and assistance. Have yourselves a safe and wonderful day?

Re: hMailServer and Sendgrid

Posted: 2020-10-20 17:26
by peterbata
This was the response to a support ticket that I submitted on Sendgrid:

Forgot to mention that the key and username encryption are optional, they are encrypted in the documentation for security purposes, some email clients might not like encrypted passwords/usernames so you can paste any generated API key under it's original format "SG......etc"

Re: hMailServer and Sendgrid

Posted: 2020-10-20 21:22
by mikedibella
Anyone have any recommendations for alternative service providers? Anyone have experience with Sendinblue?

Re: hMailServer and Sendgrid

Posted: 2020-10-20 21:49
by jimimaseye
Current users shouldn't worry about changing if they are happy with their service. I'm not sure why its suggested that they are aiming to move away from smtp. I've read the link provided and it says nothing of the sort beyond 'we prefer the api because it's quicker and more reliable'. After all, it's a mail sending service and mail sending is born from smtp.

[Entered by mobile. Excuse my spelling.]

Re: hMailServer and Sendgrid

Posted: 2020-10-20 21:54
by peterbata
jimimaseye wrote:
2020-10-20 21:49
Current users shouldn't worry about changing if they are happy with their service. I'm not sure why its suggested that they are aiming to move away from smtp. I've read the link provided and it says nothing of the sort beyond 'we prefer the api because it's quicker and more reliable'. After all, it's a mail sending service and mail sending is born from smtp.

[Entered by mobile. Excuse my spelling.]
You are absolutely right. I have been in touch with a gentleman in support and not once did he say that they were doing away with SMTP. By the way, I couldn't believe how quick he was in responding to my inquiries. I'm amazed. Thanks for chiming in @jimimaseye

Re: hMailServer and Sendgrid

Posted: 2020-10-20 23:14
by SorenR
Well... If 2FA is done like on Facebook it could work...

Every time I connect to Facebook on a new device I get a push notification asking if it is me... Nothing happens until I confirm. Once confirmed it stays active until deleted from list of "authorised" devices.