©XSIBackup SMTP client, things to take on account.
Please note that this post is relative to old deprecated software ©XSIBackup-Classic. Some facts herein contained may still be applicable to more recent versions though.
For new instalations please use new ©XSIBackup which is far more advanced than ©XSIBackup-Classic.
TIPS:
• If you use special characters in the e-mail password field, please do remember to enclose the password between double quotes.
• Since version 5.0.0 XSIBackup can use gmail.com servers. If you cannot get it to work with other SMTP server you can always get a free accout at gmail.com.
Please note that you need to enable
"Less Secure Apps"
for your GMail account to work with XSIBackup.
• If you use special characters in the e-mail password field, please do remember to enclose the password between double quotes.
• Since version 5.0.0 XSIBackup can use gmail.com servers. If you cannot get it to work with other SMTP server you can always get a free accout at gmail.com.
Please note that you need to enable
"Less Secure Apps"
for your GMail account to work with XSIBackup.
Take into account:
XSIBackup sends its e-mail reports by PIPELINING http://tools.ietf.org/html/rfc2920 the SMTP protocol to a SMTP server where we have an account, username & password. It uses AUTH-PLAIN authentication, optionally over TLS by issuing a secure renegotiation over the standard SMTP port (25|587), this means the username and password will not be truly encripted (when TLS is not used, see the man page for full details http://33hops.com/xsibackup-help-man-page.html) but just coded using Base 64 algorithm, this means they are practically sent as plain text when the --smtp-sec flag has not been set to TLS.
How does it work?:
There are some e-mail submision variables that you can set in the XSIBackup argument list. This variables will allow XSIBackup to communicate with the SMTP server to deliver its reports. This are the most important:
--smtp-srv: the SMTP server as an IP or resolvable address.
--smtp-port: the port the SMTP server is listening on.
--smtp-usr: the SMTP username, generally the e-mail address, not always though.
--smtp-pwd: the SMTP password associated to the username above.
--smtp-auth: if you set it to "none", the SMTP client will not use any password, just the username. Valid for open relays, generally inside controlled LANs.
--smtp-sec: security method used to stablish a conversation with the SMTP server. Set it to "TLS" or don't set it at all for no encryption.
--mail-from: the e-mail address that will be set as the sender.
--mail-to: the comma separated list of e-mail addresses that will receive a copy of the e-mail report.
The above list of addresses will be split by the comma, the first valid (complying with a valid e-mail address format) address will be appended as the TO: header. The rest of valid e-mail addresses will be added as RCPT TO: headers. The non-valid e-mail addresses will be ignored.
SMTP Compatibility Issues.
We have received some requests of people that have had issues trying to send the backup report through some of their SMTP servers. First of all you have to make sure your SMTP server accepts AUTH-PLAIN authentication, it also should accept PIPELINING as per http://tools.ietf.org/html/rfc2920 so that many SMTP commands can be sent in a row. Most of modern SMTP servers do support PIPELINING, so you should not have much problems.
| Example of a SMTP protocol conversation |
|
Opening port 25 for SMTPout service... 220 smtp.mandrillapp.com ESMTP 250 ip-101-33-33-33 250-ip-101-33-33-33 250-PIPELINING 250-SIZE 26246500 250-STARTTLS 250-AUTH PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250 8BITMIME 334 XNlcm35hbWU36 334 UGFz34j345dvQ6 235 2.7.0 Authentication successful 250 2.1.0 Ok |
You can tell that PIPELINING is enabled if you receive a 250 - PIPELINING in the SMTP conversation as in the example above.
We have tested XSIBackup with a number of SMTP servers and have found some bugs that have already been corrected in previous versions, you can check some URLs like this one at Sourceforge: SMTP client discussion. In any case the e-mail submission feature has been working with the vast majority of SMTP servers from version 3.0.1
Since version 4.2.4 command --smtp-auth (none | plain) is fully supported and is documented in the program's help. If you don't provide a string for the --smtp-auth option, plain will be used as the default value. This means you do not need to parse this argument unless you are using an open relay inside your LAN and then you should use --smtp-auth=none, this will cause XSIBackup not to provide an authentication scheme string nor username nor password so they are useless in case none is set.
We have tested this with Microsoft's SMTP server 2003/2008/2012 -The different versions of Microsoft's SMTP server are very similar and in some cases are the same like Win7/2008, so you should be able to use even an old Windows 2000 box- and with Postfix. You should not encounter much problems with other servers though. If you give as feedback on wich SMTP servers you are using we will add them to this table in case they work OK.
Servers tested with --smtp-auth=none (as open relay inside LAN with IP access control):
Microsoft SMTP server (XP/Vista/Win7/2003/2008/2012)
Postfix
We will improve the SMTP client inside XSIBackup to maximize the compatibility with every SMTP server out there, but every mail server has a mailmaster and we cannot guarantee 100% of mail servers will accept messagges from XSIBackup. Try different SMTP servers or you can always have the posibility to use a private SMTP server that comes with almost every OS out there and that is fairly easy to configure.
SMTP TLS (from version 4.3.0)
Since version 4.3.0 XSIBackup allows to communicate with an SMTP server that supports TLS secure SMTP authentication scheme. As you can see at the end of the script:
mail_input | openssl s_client -starttls smtp -connect ${smtpsrv}:${smtpport}
The result of mail_input, that outputs the SMTP conversation along with the e-mail HTML is parsed to "openssl s_client" to start a TLS secured session. Many SMTP servers will accept this type of SMTP conversation in which a plain connection is stablished with the regular SMTP port and then a flag is issued to start a key exchange and tunnel the e-mail through a secure connection.
GMail
XSIBackup is compatible with GMail servers, but this does not mean that you can just parse your user and password to gmail.com and it will work. For XSIBackup to work with GMail servers, you first have to enable Less Secure Apps for your account, once you have done so you can use the following:
--smtp-srv=smtp.gmail.com --smtp-port=465 --mail-from=you@gmail.com --smtp-usr=you@gmail.com --smtp-pwd=yourpassw0rd --smtp-auth=yes --smtp-sec=TLSDaniel J. García Fidalgo
You can alternatively use this auth string in the conf/smtpsrvs file
1;smtp.gmail.com:465;you@gmail.com;you@gmail.com;yourpassw0rd;yes;TLS;0
33HOPS
