AwsEC2 | posts: 39 | joined: 08/28/2012 | from: CA
Use Gmail SMTP server to send out mails from EC2
Step 1. Set up the Gmail account to be used from apps
Because of the overwhelming spam abuse of Gmail from EC2 instances, effective May 30, 2022, a Gmail account can no longer be used from less secure applications. The tightened measures are:
- 2-step verification must be set up first (to verify the identity of the owner)
- only after 2-step verification is set up can an app passcode (16 chars) be generated
Use the passcode to replace the previous password in your SMTP apps.
Step 2. TLSv1.3 issue after JDK 8u265
Because TLSv1.3 has been supported since JDK 8u265, some old SMTP mail apps might no longer be able to connect to Gmail port 587 after a JDK upgrade. Until Google makes the Gmail server support TLSv1.3, the best approach is to explicitly set the protocol that works:
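import java.util.Properties;

Properties props = new Properties();
props.setProperty("mail.smtp.auth", "true");
// Upgrade the port 587 connection with STARTTLS
props.setProperty("mail.smtp.starttls.enable", "true");
// Pin the protocol to TLSv1.2 instead of letting the JDK negotiate TLSv1.3
props.setProperty("mail.smtp.ssl.protocols", "TLSv1.2");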
Step 3. Does AWS EC2 block port 587? How do I find out?
By default, AWS blocks all inbound traffic, so you need to set up security groups with inbound rules to allow specific inbound traffic. Port 587, however, is on the Gmail server, so a connection to it is outbound traffic from the AWS side, and outbound SMTP traffic to port 587 is not blocked.
You can use telnet to find out.
[root@ip-10-11-1-103 ec2-user]# yum install telnet -y
[root@ip-10-11-1-103 ec2-user]# telnet smtp.gmail.com 587
Trying 142.251.2.109...
Connected to smtp.gmail.com.
Escape character is '^]'.
220 smtp.gmail.com ESMTP a10-20020a170902ecca00b0016d1d1c376fsm5457732plh.287 - gsmtp
helo google
250 smtp.gmail.com at your service
ehlo google
250-smtp.gmail.com at your service, [10.11.1.103]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
QUIT
221 2.0.0 closing connection a10-20020a170902ecca00b0016d1d1c376fsm5457732plh.287 - gsmtp
Connection closed by foreign host.
As can be seen, the outbound traffic to smtp.gmail.com:587 is not blocked on AWS EC2.
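A complete sender that combines the Step 1 app passcode with the Step 2 properties, as an added example that is not part of the original post. It assumes the JavaMail (javax.mail) library is on the classpath; the class name, environment variable names and recipient address are hypothetical, and the starttls.required, checkserveridentity and timeout properties go beyond what the post sets.

```java
import java.util.Properties;
import javax.mail.Authenticator;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;

public class GmailSmtpSender {
    public static void main(String[] args) throws MessagingException {
        // Assumed environment variable names; keeps the app passcode out of source code.
        final String user = System.getenv("GMAIL_USER");
        final String appPasscode = System.getenv("GMAIL_APP_PASSCODE");
        if (user == null || appPasscode == null) {
            throw new IllegalStateException("Set GMAIL_USER and GMAIL_APP_PASSCODE");
        }

        Properties props = new Properties();
        props.setProperty("mail.smtp.host", "smtp.gmail.com");
        props.setProperty("mail.smtp.port", "587");
        props.setProperty("mail.smtp.auth", "true");
        props.setProperty("mail.smtp.starttls.enable", "true");
        // Without this, JavaMail continues in plaintext if STARTTLS is not offered.
        props.setProperty("mail.smtp.starttls.required", "true");
        props.setProperty("mail.smtp.ssl.protocols", "TLSv1.2");
        // Verify that the server certificate matches smtp.gmail.com.
        props.setProperty("mail.smtp.ssl.checkserveridentity", "true");
        // Fail fast instead of hanging when outbound traffic is filtered.
        props.setProperty("mail.smtp.connectiontimeout", "10000");
        props.setProperty("mail.smtp.timeout", "10000");

        Session session = Session.getInstance(props, new Authenticator() {
            @Override
            protected PasswordAuthentication getPasswordAuthentication() {
                return new PasswordAuthentication(user, appPasscode);
            }
        });

        MimeMessage msg = new MimeMessage(session);
        msg.setFrom(new InternetAddress(user));
        // Placeholder recipient (constructed); replace with a real address.
        msg.setRecipient(Message.RecipientType.TO, new InternetAddress("recipient@example.com"));
        msg.setSubject("Test from EC2");
        msg.setText("Sent through smtp.gmail.com:587 with STARTTLS.");
        Transport.send(msg);
    }
}
```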