self-host icon indicating copy to clipboard operation
self-host copied to clipboard

Published 20 hours ago verified publisher icon bitwarden

Add checksmtp functionality for SMTP configuration verification

Open fer opened this issue 11 months ago • 2 comments

Description

Introduces the checksmtp command to the Bitwarden self-hosted management script, enabling administrators to easily verify the SMTP configuration directly from the command line. This functionality aims to streamline the troubleshooting process of email delivery issues by providing a quick and straightforward method to test the SMTP server connection, authentication, and secure communication.

Features

  • [x] Validates the connection to the SMTP server specified in the global.override.env file, ensuring that the Bitwarden instance can communicate with the mail server.
  • [x] Confirms the validity of the SMTP username and password, ensuring that Bitwarden is capable of authenticating with the SMTP server for email delivery.
  • [x] Verifies the secure communication with the SMTP server, based on the SSL configuration globalSettings__mail__smtp__ssl to ensure that emails are sent over a secure channel.

Usage examples

To use this functionality, run the following command from the Bitwarden self-hosted script directory:

./bitwarden.sh checksmtp

When SMTP configuration is wrong:

SMTP authentication failed or connection error occurred.

When SMTP configuration is right:

SMTP settings are correct.

Testing

Please review this PR for inclusion in the next release of Bitwarden self-hosted. Your feedback and suggestions are welcome!

fer avatar Mar 18 '24 12:03 fer

Logo Checkmarx One – Scan Summary & Details404a0a53-277f-481b-96d5-564e88dd38a3

No New Or Fixed Issues Found

bitwarden-bot avatar Mar 18 '24 12:03 bitwarden-bot

@vgrassia, thank you very much for your comments!

I've implemented the following enhancements:

  • Added a preliminary check to ensure openssl is installed before proceeding.
  • Modified the script to accept any 2xx SMTP status code as a successful response.
  • Modified the script to only attempt the AUTH section if both the username and password are provided and are not empty.

Currently, this script is designed to verify connectivity without sending any messages. However, I'm open to incorporating a feature to send a test message if we determine it's beneficial for our testing process.

Please let me know if you'd like me to proceed with that addition as your valuable suggestions.

fer avatar Mar 18 '24 16:03 fer

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Sep 25 '24 13:09 CLAassistant