SUMMARY
Steps to troubleshoot Unitrends Backup System failure to send email notifications.
ISSUE
Purpose
Troubleshoot Unitrends Backup System failure to send email notifications.
Description
Email notifications are never received by specified recipient.
Office 365 not using the correct domain:
https://www.unitrends.com/blog/send-mail-notifications-office365
Please ensure you are NOT using smtp.office365.com - You will want to use the YOURDOMAIN-com.mail.protection.outlook.com
SMTP traffic blocked by environment AND Gmail
Configure the Unitrends Backup System to relay mail through an external SMTP server via the submission port, which is port 587.
To configure the SMTP server, do the following in the Unitrends Backup System user interface:
-Go to Configure > Appliances, edit appliance and Email tab.
-Fill in SMTP server.
-If necessary, check the box next to ‘SMTP Server Authentication Required.’ If authentication is required, fill in the username and password fields. (Auth is required for Gmail),
-Fill in the Test Email Address field
-Be aware How do I change the 'from' address and domain for email reports will not reflect the UI test
-Click Confirm
In the console/shell of the Backup System:
Connect to your appliance through the console (Press Alt+F2 to access the command line) or via SSH using PuTTY or another utility to SSH to your appliance's IP address through port 22. You will need to know the root OS password which can be reset via console access.
- vi /etc/mail/sendmail.mc
-Locate the following line: <- Validate relay via: How to Send Mail Notifications to Office365
define(`SMART_HOST`,`smtp.gmail.com')
-Note: smtp.gmail.com will be replaced with the SMTP server you specified above.
-Insert the following two lines AFTER the SMART_HOST line above:
- define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
- define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
-Save the file
-Issue the following command at the shell prompt
- m4 /usr/share/sendmail-cf/m4/cf.m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
- service sendmail restart
Domain alias in /etc/hosts
-Login to the Backup System user interface, and go to Clients, Networks, and Notifications.
-Click on Networks, then Hostname.
-Change the Fully Qualified Hostname entry to a fully hostname, ie. backup.domain.com, instead of just domain.com.
-Go up one level in the UI menu to Networks, and click on Hosts. Remove any host aliases for domain.com.
Test Email Transport
-Connect to your appliance through the console (Press Alt+F2 to access the command line) or via SSH using PuTTY or another utility to SSH to your appliance's IP address through port 22. You will need to know the root OS password which can be reset via console access.
-From the command line, send a test message to yourself, ie.
- echo Subject: test; echo; echo test|/usr/sbin/sendmail -Am -i -f sender@domain.com -v user@domain.com
-add '-f sender@domain.com' to test replacing the sender address with the from address designated in the master.ini ReportFrom field. Without this flag the test will use root@hostname instead.
-This command will "walk" the SMTP process and will report any failures in the output (DNS resolution failures, authentication failures, etc). If the message sends successfully, at the end you will see "Message queued for delivery" or in some cases OK SENT (depends on the type of server doing the relay).
-You can also tail the maillog:
- tail -f /var/log/maillog
Hit CTRL-c to exit tail.
-We could also run 'mail'
[root@Uni01 ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 77 messages 9 new 75 unread
U 59 Mail Delivery Subsys Thu Aug 20 14:02 68/2701 "Warning: could not send message for past 4 hours"
U 60 Mail Delivery Subsys Thu Aug 20 15:02 68/2701 "Warning: could not send message for past 4 hours"
Additional Troubleshooting
-If you reboot the system and the mail will not flow need to check that the service is set to start on boot.
# chkconfig --list |grep sendmail
sendmail 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@Unitrends-Hampton log]# chkconfig sendmail on
[root@Unitrends-Hampton log]# chkconfig --list |grep sendmail
sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Google may require the account to be "unlocked" in order to do this the customer will need to visit: http://www.google.com/accounts/DisplayUnlockCaptcha
Also see https://support.google.com/mail/answer/14257 for more information on Gmail account issues.
SMTP traffic blocked by environment:
Many network firewalls and internet service providers block or filter outgoing traffic on the default SMTP port, 25, in order to prevent the sending of unsolicited bulk email, or spam, from their networks. This prevents the Unitrends Backup System from successfully sending email notifications.
Gmail:
Gmail will not relay mail via port 25, thus attempts to send mail via the default configuration will fail.
Gmail use port 587, requires authentication, and the account used must have both "Less Secure Apps" turned ON and 2-Step Authentication turned OFF. Authentication will fail otherwise.
NOTE: As of May 30, 2022, Google no longer supports the "Less Secure Apps" feature with free gmail accounts. This limitation does not apply to Google Workspace.
GApps
Gapps, or Google Apps, has unique requirements in comparison to Gmail. Please use Gmail, not Gapps, for relay from Unitrends devices.
Top-level domain alias in /etc/hosts:
Often, customers will mistakenly enter their toplevel domain name in the Fully Qualified Host Name field under Settings / Clients, Networing, & Notifications / Networks / Hostname.
This creates an alias in the /etc/hosts file pointing their domain name to the IP address of the Backup System. Consequently, the Backup System sends all mail for given domain to itself, and usually fails with the error “User unknown.”
Passwords:
Sendmail doesn't support certain special characters: Pound/Hash #, Equals-sign =, and colon : are not supported characters and will result in bad username and password errors when testing email transport. Also do not use the quotation mark in any password ".