Gmail SMTP is not working in ec2 instance

Question

i am using Ubuntu based ec2 instance, recently i have shifted my code on aws and it seemed email functionality is not working. I am using gmail SMTP service below is my code

'Smtpmail'=>array(
        'class'=>'application.extensions.smtpmail.PHPMailer',
        'Host'=>"smtp.gmail.com",
        'Username'=>'username',
        'Password'=>'password',
    'From'=>'from addr', 
    'setForm'=>'from name',
        'Mailer'=>'smtp',
    'SMTPSecure'=>'tls',
        'Port'=>25,
        'SMTPAuth'=>true, 
    ),

this code is working on my unix based server but on aws it is giving below error

Mailer Error: The following From address failed: [email protected] : MAIL not accepted from server,530,5.5.1 Authentication Required. Learn more at 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 y6sm27370508qen.21 - gsmtp

Please help

Answer 1

MAIL not accepted from server

Because of the spam abuse that has historically been sent from people using EC2 instances, virtually ALL popular mail providers block the receipt of email from EC2 instances. The world of email and anti-spam measures is part-technical, part-political. For this reason, AWS offers Amazon Simple Email Service.

AWS works with mail providers to ensure that the nodes used by SES have been whitelisted because we do proper authorization/verification up-front.

In this case, the ability to send email from one server but not AWS is, in all likelihood, due to EC2's IP range being blacklisted by Google.

Authentication Required

If the same user/pass works elsewhere without changes, I'm not sure what to say. I know that lots and lots of mail traffic no longer uses port 25, opting instead for 587 for non-SSL and 465 for SSL. That's the first place I'd start poking to find a solution.

Answer 2

Using a TLS connection (port number: 587) on AWS Lambda.

How I solved the problem:

1. In your GMAIL account, turn on 2-factor authentication. This can be found under security settings when you go to general settings for your account.
2. Create a new App Password. (The field is right below the 2-factor). You can call it whatever you want. Just make sure to copy it.
3. Use that for your previous password.

I did that and I can send emails from AWS Lambda with no problem.

Note: You can't have "Less Secure Apps" turned on for this option. This will require you to use the App password for every application you use this email for. I had to make a few different passwords for the different apps that I use a random Gmail account for.

I got the idea from SMTP Authentication Error 534.

Answer 3

This has nothing to do with your ec2 instance (unless the relevant outbound ports are closed) but with the fact that Gmail really doesn't like a connection it can't identify. As stated in the thread, make sure you go to https://www.google.com/settings/security/lesssecureapps.

Then, once your instance tries to connect to the SMTP server (by sending an email in your web app I suppose), connect to your mail client with the gmail account credentials used for the SMTP connection (Gmail, thunderbird, whatever you normally use). You will have then received an email from google stating that there was some suspicious activity and that they blocked the connection, just tell them that the ec2 instance IP was indeed you and you will be all set.

Answer 4

I was using a Gsuite account. For me, it worked with the following steps

1. Make sure you have 2 step verification enabled

2. Generate App password from myaccount.google.com -> security (from left panel) -> 2-step verification (under "signing in to google" section)

3. Once 2 step verification is enabled then generate the app password.

4. Use that app password in your config/mail.php on .env along with the following settings

   MAIL_DRIVER=smtp MAIL_HOST=smtp.gmail.com MAIL_PORT=587 MAIL_USERNAME= MAIL_PASSWORD= MAIL_ENCRYPTION=tls

5. Open the terminal/ command prompt and connect to the EC2 server and run the following commands to clear config and cache

   php artisan config:cache php artisan cache:clear

6. If that still does not work then click on the following link (Make sure you are logged in with the account which you want to use to send email via Gsuite) https://accounts.google.com/DisplayUnlockCaptcha

Answer 5

This only need to verify gmail account when u login from another ip address it will ask for verification that you are the same person same thing happen here it is not verified from amazon web server IP so it require to authenticate your IP.

Do only one thing will solve the issue. Login remotely on aws server and login your gmail account from here it will ask for verification give it and your mail will work easily.

Answer 6

If you use port 25 for SMTP you need to open SMTP port on EC2 instance security group inbound rules.

Note: Gmail does not offer port 25 in an unsecured connection. For use port 25 secure connection are required as per gmail Configuration requirements

Read this question & answer

How do I use Gmail SMTP with port 587 on AWS EC2?

Answer 7

Go to https://www.google.com/settings/security/lesssecureapps and set Access for less secure apps to On

This gmail security option if on Off detects if there is inhabitual connexion pattern and block the connexion unless you verify your identity, but you need a web interface to do so.