Watch, Follow, &
Connect with Us

For forums, blogs and more please visit our
Developer Tools Community.


Welcome, Guest
Guest Settings
Help

Thread: Exception class EIdSASLNotSupported: AUTH or SASL handlers



Permlink Replies: 4 - Last Post: Dec 22, 2016 11:10 AM Last Post By: Remy Lebeau (Te... Threads: [ Previous | Next ]
Patricio Cerda

Posts: 122
Registered: 3/13/01
Exception class EIdSASLNotSupported: AUTH or SASL handlers
Click to report abuse...   Click to reply to this thread Reply
  Posted: Dec 21, 2016 10:01 AM
Hi,

I'm having troubles with the email reporting that are send from my application.
I notice that it start failing sometime between the Windows 10 upgraded or the C++ Builder Berlin 10.1 migrated, I'm not really sure when or why, but now it is not working and this is the error message: "exception class EIdSASLNotSupported with message 'Doesn't support AUTH or the specified SASL handlers!!'."

On my application I have a TIdSMTP component of version 10.6.2.5341 among many other SASL handlers components.

Following is the code where the error message is located. The SASLUsername and SASLPassword ara String variables.
if (!SASLUsername.IsEmpty() && !SASLPassword.IsEmpty())
{
   smtpClient->AuthType = satSASL;
   IdUserPassProvider1->Username = SASLUsername;
   IdUserPassProvider1->Password = SASLPassword;
}
else
{
   smtpClient->AuthType = satDefault;
}
try
{
   if(smtpClient->Connected() == false)
      smtpClient->Connect();
}
__finally
{
   smtpClient->Disconnect();
}
try
{
   smtpClient->Send(smtpMessage); // Here is failing and showing the error message
}
catch(const Exception &e)
{
   WriteLog(DateTimeToStr(Now()) + " --> Error en el envío del reporte automático de cierre de caja.\t" + String(e.Message));
}


I don't know which could be the problem nor how to solve it.
Any help would by appreciate.

Best regards,
Patricio Cerda
Mark Richards

Posts: 42
Registered: 12/8/99
Re: Exception class EIdSASLNotSupported: AUTH or SASL handlers
Click to report abuse...   Click to reply to this thread Reply
  Posted: Dec 21, 2016 10:30 AM   in response to: Patricio Cerda in response to: Patricio Cerda
Patricio Cerda wrote:
Hi,

I'm having troubles with the email reporting that are send from my application.
I notice that it start failing sometime between the Windows 10 upgraded or the C++ Builder Berlin 10.1 migrated, I'm not really sure when or why, but now it is not working and this is the error message: "exception class EIdSASLNotSupported with message 'Doesn't support AUTH or the specified SASL handlers!!'."

On my application I have a TIdSMTP component of version 10.6.2.5341 among many other SASL handlers components.

Following is the code where the error message is located. The SASLUsername and SASLPassword ara String variables.
if (!SASLUsername.IsEmpty() && !SASLPassword.IsEmpty())
{
   smtpClient->AuthType = satSASL;
   IdUserPassProvider1->Username = SASLUsername;
   IdUserPassProvider1->Password = SASLPassword;
}
else
{
   smtpClient->AuthType = satDefault;
}
try
{
   if(smtpClient->Connected() == false)
      smtpClient->Connect();
}
__finally
{
   smtpClient->Disconnect();
}
try
{
   smtpClient->Send(smtpMessage); // Here is failing and showing the error message
}
catch(const Exception &e)
{
   WriteLog(DateTimeToStr(Now()) + " --> Error en el envío del reporte automático de cierre de caja.\t" + String(e.Message));
}


I don't know which could be the problem nor how to solve it.
Any help would by appreciate.

Best regards,
Patricio Cerda

Have you tried to create a simple test application?

e.g.
#include <IdBaseComponent.hpp>
#include <IdComponent.hpp>
#include <IdExplicitTLSClientServerBase.hpp>
#include <IdIOHandler.hpp>
#include <IdIOHandlerSocket.hpp>
#include <IdIOHandlerStack.hpp>
#include <IdMessageClient.hpp>
#include <IdSMTP.hpp>
#include <IdSMTPBase.hpp>
#include <IdSSL.hpp>
#include <IdSSLOpenSSL.hpp>
#include <IdTCPClient.hpp>
#include <IdTCPConnection.hpp>
 
void TEmail::TestEmailConnection()
{
	TIdSSLIOHandlerSocketOpenSSL * SSLIO = new TIdSSLIOHandlerSocketOpenSSL();
	TIdSMTP * SMTP = new TIdSMTP();
 
	try {
		SSLIO->SSLOptions->Method = sslvTLSv1;
		SSLIO->SSLOptions->Mode = sslmUnassigned;
 
		SMTP->AuthType = TIdSMTPAuthenticationType::satDefault;
		SMTP->Host = "REPLACE ME";
		if (UseSSL()) {
			SMTP->Port = 587;
			SMTP->IOHandler = SSLIO;
			SMTP->UseTLS = utUseExplicitTLS;
		}
		else
			SMTP->Port = 25;
		SMTP->Username = "REPLEACE ME";
		SMTP->Password = "REPLACE ME";
		SMTP->ConnectTimeout = 60000;
 
		try {
			SMTP->Connect();
			SMTP->Disconnect();
			if (UseSSL())
				Application->MessageBox(L"Connection to SSC-SMTP(SSL587) server is working!",L"Test Email Connection",MB_ICONINFORMATION|MB_OK|MB_APPLMODAL);
			else
				Application->MessageBox(L"Connection to SSC-SMTP(PORT25) server is working!",L"Test Email Connection",MB_ICONINFORMATION|MB_OK|MB_APPLMODAL);
		}
		catch (const Exception& E) {
			SMTP->Disconnect();
			ShowMessage(E.Message);
		}
	}
 
	__finally {
		delete SMTP;
		delete SSLIO;
	}
 


Just change REPLACE ME with proper values, and tinker with your settings until you can narrow down the error better, showing more code where you set the options etc may help other debug
Remy Lebeau (Te...


Posts: 9,447
Registered: 12/23/01
Re: Exception class EIdSASLNotSupported: AUTH or SASL handlers
Click to report abuse...   Click to reply to this thread Reply
  Posted: Dec 21, 2016 11:00 AM   in response to: Patricio Cerda in response to: Patricio Cerda
Patricio wrote:

I notice that it start failing sometime between the Windows 10
upgraded or the C++ Builder Berlin 10.1 migrated, I'm not really
sure when or why

None of those updates would cause the error you are seeing.

but now it is not working and this is the error message:
"exception class EIdSASLNotSupported with message 'Doesn't
support AUTH or the specified SASL handlers!!'."

That error means you have connected to an SMTP server whose EHLO reply does
not indicate support for any of the SASL algorithms you have assigned to
the TIdSMTP.SASLMechanisms collection.

On my application I have a TIdSMTP component of version 10.6.2.5341
among many other SASL handlers components.

But not any that the SMTP server is expecting.

if (!SASLUsername.IsEmpty() && !SASLPassword.IsEmpty())
{
smtpClient->AuthType = satSASL;
IdUserPassProvider1->Username = SASLUsername;
IdUserPassProvider1->Password = SASLPassword;
}
else
{
smtpClient->AuthType = satDefault;
}</div>
 
I think you meant satNone instead of satDefault.  satDefault performs authentication 
using the AUTH LOGIN command (same as TIdSSASLLogin), but you are not assigning 
the username/password values to TIdSMTP's UserName/Password properties.  
satDefault does not use SASLMechanisms, and thus does not use TIdUserPassProvider.
 
Also, if you do mean to use satDefault, try setting TIdSMTP.ValidateAuthLoginCapability 
to False, as some servers do actually support AUTH LOGIN without claiming 
support for it.
 
You might also want to consider using '||' instead of '&&' in your 'if' statement.
 
<div class="jive-quote">try
{
if(smtpClient->Connected() == false)
smtpClient->Connect();
}
__finally
{
smtpClient->Disconnect();
}
try
{
smtpClient->Send(smtpMessage); // Here is failing and showing the error </div>
message
<div class="jive-quote">}
catch(const Exception &e)
{
WriteLog(DateTimeToStr(Now()) + " --> Error en el envío del reporte
automático de cierre de caja.\t" + String(e.Message));
}</div>
 
Why are you using a 'try/finally' to always call Disconnect() before you 
call Send()?  The code should look more like this instead:
 

try
{
if (!smtpClient->Connected())
smtpClient->Connect();
try
{
smtpClient->Send(smtpMessage);
}
__finally
{
smtpClient->Disconnect();
}
}
catch(const Exception &e)
{
WriteLog(DateTimeToStr(Now()) + " --> Error en el envío del reporte automático
de cierre de caja.\t" + String(e.Message));
}
{code}

--
Remy Lebeau (TeamB)
Patricio Cerda

Posts: 122
Registered: 3/13/01
Re: Exception class EIdSASLNotSupported: AUTH or SASL handlers
Click to report abuse...   Click to reply to this thread Reply
  Posted: Dec 22, 2016 5:43 AM   in response to: Remy Lebeau (Te... in response to: Remy Lebeau (Te...
Hi Remy,

That error means you have connected to an SMTP server whose EHLO reply does
not indicate support for any of the SASL algorithms you have assigned to
the TIdSMTP.SASLMechanisms collection.

What is EHLO?

I think you meant satNone instead of satDefault. satDefault performs authentication
using the AUTH LOGIN command (same as TIdSSASLLogin), but you are not assigning
the username/password values to TIdSMTP's UserName/Password properties.
satDefault does not use SASLMechanisms, and thus does not use TIdUserPassProvider.

Also, if you do mean to use satDefault, try setting TIdSMTP.ValidateAuthLoginCapability
to False, as some servers do actually support AUTH LOGIN without claiming
support for it.

I don't sure if I'm using the correct settings. I want to use different email servers, depending on each of my customers, by now Gmail an Yahoo are the most used. I understand that they required authentication so I'm using satSASL with UserName/Parameters that are configured on the application as showed on the following code (modified as you suggested):

if (!SASLUsername.IsEmpty() || !SASLPassword.IsEmpty())
{
   smtpClient->AuthType = satSASL;
   IdUserPassProvider1->Username = SASLUsername;
   IdUserPassProvider1->Password = SASLPassword;
}
else
{
   smtpClient->AuthType = satNone;
}


In addition, I changed the following piece of code as you suggested, but the error message is not solved yet and still is the same until I changed the parameter UseTLS of TIdSMTP component to the value utUseRequireTLS, then it works well. The TIdSMTP.ValidateAuthLoginCapability was setting to True because I don't want to use satDefault but satSASL.

try
{
    if (!smtpClient->Connected())
        smtpClient->Connect();
    try
    {
        smtpClient->Send(smtpMessage);
    }
    __finally
    {
        smtpClient->Disconnect();
    }
}
catch(const Exception &e)
{
    WriteLog(DateTimeToStr(Now()) + " --> Error en el envío del reporte automático 
de cierre de caja.\t" + String(e.Message));
}

Debugging with a breakpoint at the line that fails, I could checked the following parameters:
smtpClient->AuthType is set to satSASL, IdUserPassProvider1->Username and IdUserPassProvider1->Password are well completed, and smtpClient->UseTLS is set to utUseRequireTLS.

Thanks for your help.

Best regards,
Patricio Cerda
Remy Lebeau (Te...


Posts: 9,447
Registered: 12/23/01
Re: Exception class EIdSASLNotSupported: AUTH or SASL handlers
Click to report abuse...   Click to reply to this thread Reply
  Posted: Dec 22, 2016 11:10 AM   in response to: Patricio Cerda in response to: Patricio Cerda
Patricio wrote:

What is EHLO?

It is an enhanced version of the original HELO command. It is the very first
command sent to an SMTP server, or after a delayed TLS session is started.
The EHLO response contains the server's current capabilities (supported
SASL authentications, optional commands/features that clients can use, etc).

In addition, I changed the following piece of code as you suggested,
but the error message is not solved yet and still is the same

As I said earlier, the specific error message you are seeing means none of
the SASLs in the TIdSMTP.SASLMechanisms collection match the SASLs that the
server is claiming to support. Which means either:

1. you forgot to add a needed SASL to the collection, or Indy does not implement
it.

2. the SMTP sesson is not currently in a state that supports any of the SASLs
in your collection (see below).

until I changed the parameter UseTLS of TIdSMTP component to the
value utUseRequireTLS, then it works well.

What did you have UseTLS set to before? And what port are you connecting
to? These things make a big difference in how SASL is used. Inside of an
SSL/TLS session, the server may change its reported capabilities, such as
allowing less secure authentications since the credentials are encrypted
when transmitted. Outside of an SSL/TLS session, servers tend to require
stronger authentications over an unsecure connection.

The TIdSMTP.ValidateAuthLoginCapability was setting to True because
I don't want to use satDefault but satSASL.

satDefault is the original implementation of the AUTH LOGIN command before
SASL was added (TIdSASLLogin is the same command in SASL). However, TIdSASLLogin
is not tied to ValidateAuthLoginCapability, so if a server "silently" supports
AUTH LOGIN then satSASL will not attempt to use it, but satDefault can.
Some servers do support AUTH LOGIN when SSL/TLS is used.

--
Remy Lebeau (TeamB)
Legend
Helpful Answer (5 pts)
Correct Answer (10 pts)

Server Response from: ETNAJIVE02