@tgoeg opened this Issue on January 3rd 2022

Expected Behavior

Using password reset or ./console core:test-emails should send out mails.

Current Behavior

I get errors when trying both, but no error messages that hint at the actual problem:

$ ./console core:test-email user<a class='mention' href='https://github.com/example'>@example</a>.org
2022-01-03 13:18:42 SERVER -> CLIENT: 220 mysmtp.example.org Microsoft ESMTP MAIL Service ready at Mon, 3 Jan 2022 14:18:41 +0100
2022-01-03 13:18:42 CLIENT -> SERVER: EHLO localhost.localdomain
2022-01-03 13:18:42 SERVER -> CLIENT: 250-mysmtp.example.org Hello [10.0.0.1]
                                      250-SIZE 37748736
                                      250-PIPELINING
                                      250-DSN
                                      250-ENHANCEDSTATUSCODES
                                      250-STARTTLS
                                      250-8BITMIME
                                      250-BINARYMIME
                                      250 CHUNKING
2022-01-03 13:18:42 CLIENT -> SERVER: STARTTLS
2022-01-03 13:18:42 SERVER -> CLIENT: 220 2.0.0 SMTP server ready
2022-01-03 13:18:42 SMTP Error: Could not connect to SMTP host.
2022-01-03 13:18:42 CLIENT -> SERVER: QUIT
2022-01-03 13:18:42 SERVER -> CLIENT:
2022-01-03 13:18:42 SMTP ERROR: QUIT command failed:
2022-01-03 13:18:42 SMTP Error: Could not connect to SMTP host.
ERROR [2022-01-03 13:18:42] 3635150  Uncaught exception: /var/www/matomo.example.org/vendor/phpmailer/phpmailer/src/PHPMailer.php(2153): SMTP Error: Could not connect to SMTP host. [Query: , CLI mode: 1]

  [PHPMailer\PHPMailer\Exception]
  SMTP Error: Could not connect to SMTP host.

core:test-email emailAddress

Possible Solution

My SMTP server has a self-signed certificate. I'm trying to get people to fix that as well (as this would be the better solution), but wanted to report the problem here anyway.

Another option would be adding the CA's certificate to the matomo host so its self-signed certificates could be trusted.

What makes it work as well is changing vendor/phpmailer/phpmailer/src/PHPMailer.php

 331     /**
 332      * Options array passed to stream_context_create when connecting via SMTP.
 333      *
 334      * <a class='mention' href='https://github.com/var'>@var</a> array
 335      */
 336     // public $SMTPOptions = [];
 337     public $SMTPOptions = [
 338         'ssl' => [
 339             'verify_peer' => false,
 340             'verify_peer_name' => false,
 341             'allow_self_signed' => true,
 342         ]
 343     ];

However, that's a bad location to fix this issue.
My suggestion would be to

  • improve the error message (however, setting public $SMTPDebug = 0; to 4 did not improve it..); I am not a developer, maybe PHPMailer can offer better debugging info and I just do not know how to improve it. Probably at least add a hint in the error messages? echo QUIT | openssl s_client -starttls smtp -crlf -connect mysmtp.example.org:25 quickly showed the error for example

  • provide a config option to allow self-signed certificates

Steps to Reproduce (for Bugs)

  1. Setup mail server with self-signed certificate and STARTTLS capabilities
  2. Configure matomo to use it
  3. Use ./console core:test-email user<a class='mention' href='https://github.com/example'>@example</a>.org or perform a password reset to get the error.

Context

Resetting a user password is currently impossible in this context.

Your Environment

  • Matomo Version: 4.6.2
  • PHP Version: 7.4
  • Server Operating System: Ubuntu 18.04
  • Additionally installed plugins: irrelevant
@crypticrabbit commented on January 19th 2022

Hello,
I'm having a similar issue, as my mail server has a valid TLS cert, however, since Matomo accesses the mail server over the LAN (and I don't use split DNS or anything) the TLS certificate is not seen by Matomo as valid.

The steps in OPs "Possible Solution" resolved the issue for me, but I agree their should be an easier config option for self signed certs. Even if self signed aren't ideal, there are real use cases where a cert won't chain correctly.

Cheers!

@kenji-fire commented on February 19th 2022

Hi,
I had the exact same issue and changing the settings in the vendor folder helped solving the issue.
Still a better way managing this would be over the main conf.ini.php file because the vendor folder can be overwritten upon updating.
I hope that this will get an official fix soon.
Cheers!

@atom-box commented on March 23rd 2022

A user wrote yesterday:

  1. We upgraded to version 4 from version 3 and reports are no longer being sent out. I created a forum topic but haven't seen any replies. I was wondering if you can offer some advice on the best way to correct the issue. We have hundreds of sites with reports so a DB or programmatic fix would be ideal.

    we are seeing the error:
    Scheduler: Error Missing parameter : displayFormat for task

    /usr/share/nginx/html/matomo/plugins/ScheduledReports/API.php(724): Warning - Invalid argument supplied for foreach() - Matomo 4.8.0 - Please report this message in the Matomo forums: https://forum.matomo.org (please do a search first as it might have been reported already)

  2. When following the above suggestion (thanks @tgoeg) the problem persisted. I tested sending an email from the console and it went through without any issue.

Any other ideas about what it could be or could it still be related to the mailer even though the test went through?

I confirmed if I go to generate a new report, it does in fact get delivered. It appears their is a configuration change from previous Matomo versions that is causing the older reports to fail.
Scheduler: Error Missing parameter : displayFormat for task
Can this field be updated through a SQL command?

@MatomoForumNotifications commented on March 23rd 2022

This issue has been mentioned on Matomo forums. There might be relevant details there:

https://forum.matomo.org/t/scheduler-error-missing-parameter-displayformat-for-task/45239/2

@Starker3 commented on November 10th 2022 Contributor

We have users who are still experiencing this issue. At present they need to manually overwrite the PHPMailer files in the vendor folder every time they update.

@mattab commented on November 13th 2022 Member

Proposed steps:

  • improve the error message in console command (hopefully it's possible)
  • introduce INI settings under [mail] section in global INI file
; set to 0 to allow email server with self signed cert
ssl_disallow_self_signed = 1
; set to 0 to ... 
ssl_verify_peer = 1
; set to 0 to ... (not recommended)
ssl_verify_peer_name = 1
  • Create a FAQ that mentions the console error message + the solution with the new INI setting (so that people searching for the error will find it) eg. "How do I configure Matomo to send emails when a self-served certificate is used, or SSL doesn't work?" or so
@tgoeg commented on November 14th 2022

Sounds reasonable, thanks in advance!

@peterhashair commented on November 16th 2022 Contributor

@mattab just clear the, we just do a simple INI for this, or do we do an event as @sgiehl suggests?

@mattab commented on November 18th 2022 Member

simple INI sounds good for now

This Issue was closed on December 7th 2022
Powered by GitHub Issue Mirror