# ONTAP 9.16.1P5: SMTP Auth Password Shown in Clear Text


lavish root
#

I came across the following KB which states that authenticated SMTP has been supported since ONTAP version 9.15:
NetApp KB - Can the username and password for the SMTP server be specified when setting up the SMTP server for event notification?

I've configured it accordingly on version 9.16.1P5, but it's not working as expected yet.
One thing that concerns me: when I run event config show, the password appears in plain text.

Has anyone else experienced this behavior?

verbal vapor
#

STARTTLS support introduced in ONTAP 9.15.1 only applies to AutoSupport SMTP messages. EMS event notifications via SMTP do not support STARTTLS.

uneven bone
#

STARTTLS and authentication are two different independent things

#

STARTTLS is indeed only for ASUP and can be configured via autosupport modify ... -smtp-encryption start_tls. Authentication should work with both, ASUPs (by specifying autosupport modify -mail-hosts user@host.example.com) and with event destinations (via event config modify -mail-server-user foo followed by event config set-mail-server-password)

#

I'm confused as to where in event config show this would show up though (as plaintext even)

uneven bone
#

note that OP's question was not about START_TLS but about the SMTP authentication.
@lavish root how did you specify the username and password in the event config? can you paste the output of event config show (obviously edit the password before posting)?

lavish root
#

I followed this KB to specify the username.

::> event config modify -mail-server 192.168.0.61:587 -mail-server-user mySMTPUser
::> event config set-mail-server-password
Enter the password::
Confirm the password::

and the output of event config show command

ClusterA::> event config show
Mail From: myuser@mydomaine.com
Mail Server: mydomain.com:password@smtp-host:587
Mail Server User: myuser
Proxy URL: -
Proxy User: -
Publish/Subscribe Messaging Enabled: true

ClusterA::>

I just changed the confidential information to standard names.

lusty elm
#

Just did the same on a 9.16.1P5 system, I don't see any password:

cluster::*> event config modify -mail-server mailserver.hostname:587 -mail-server-user test12

cluster::*> event config set-mail-server-password

Enter the password::
Confirm the password::

cluster::*> event config show
                             Mail From:  admin@lab.local
                           Mail Server:  mailserver.hostname:587
                      Mail Server User:  test12
                             Proxy URL:  -
                            Proxy User:  -
   Publish/Subscribe Messaging Enabled:  true
                           Suppression:  on
                               Console:  on
                   Max Target Log Size:  36700160
                      Max Filter Count:  50
                 Max Filter Rule Count:  256
                 Max Destination Count:  20
                Max Notification Count:  20
        Filter Exempt from Suppression:  no-info-debug-events
 Duplicate Suppression Duration (secs):  120
             Log Rotation Size (bytes):  40MB
      REST API Delivery Timeout (secs):  60
          Filter for Publish/Subscribe:  no-info-debug-events

lavish root
#

The password appears for me in the mail server field with the name and user mail server. I will look into why this is happening and let you know the solution.

#

After several tests, I noticed that when I run this command:
ClusterA::> event config modify -mail-from cluster@mydomain -mail-server HostSMTPServer:587 -mail-server-user notification and ClusterA::> event config set-mail-server-password

Enter password:
Confirm password:

I still have the password appearing in the mail host field,
but if I then type the command ClusterA::> event config modify -mail-server HostSMTPServer.com:587 I don't have the password appearing, but I still wonder if the user and password are still retained to use the same account.

uneven bone
#

yeah this is weird. it shouldn't show up there

lavish root
#

Hello,

Please be careful with the SMTP configuration when using authenticated users: the password is visible in clear text with a simple event config show command.

Just to give you an update, I opened a support ticket regarding this issue. They were able to reproduce the problem and created a KB article, but the issue has not been resolved yet.
https://kb.netapp.com/on-prem/ontap/Ontap_OS/OS-Issues/CONTAP-630950
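
Added example, not part of the thread and not NetApp code: a check that scans saved `event config show` output for a `user:password@host` value in the Mail Server field, as in the output posted above, and redacts it before the text is shared in a ticket or forum post. The function name `audit` and both sample outputs are constructed for illustration, modelled on the two outputs in this thread.

```python
import re

# Constructed samples modelled on the two `event config show` outputs in the thread.
SAMPLE_LEAKY = """\
Mail From: myuser@mydomaine.com
Mail Server: mydomain.com:password@smtp-host:587
Mail Server User: myuser
Proxy URL: -
"""
SAMPLE_CLEAN = """\
                             Mail From:  admin@lab.local
                           Mail Server:  mailserver.hostname:587
                      Mail Server User:  test12
"""

# Only the field the thread reports as affected is checked.
CHECKED_FIELD = "Mail Server"
# "user:secret@host[:port]". The secret is matched greedily up to the LAST '@',
# so a password that itself contains '@' is still redacted in full.
USERINFO = re.compile(r"^(?P<user>[^:\s/]+):(?P<secret>\S+)@(?P<host>[^@\s]+)$")


def audit(output):
    """Return (findings, redacted_output) for `event config show` text.

    Hypothetical helper: works on both the left-aligned and the
    column-aligned layout shown in the thread.
    """
    findings, redacted = [], []
    for line in output.splitlines():
        name, sep, value = line.partition(":")
        field, val = name.strip(), value.strip()
        m = USERINFO.match(val) if sep and field == CHECKED_FIELD else None
        if m:
            findings.append(field)
            safe = f"{m['user']}:<REDACTED>@{m['host']}"
            line = line.replace(val, safe)
        redacted.append(line)
    return findings, "\n".join(redacted)


if __name__ == "__main__":
    for label, text in (("leaky", SAMPLE_LEAKY), ("clean", SAMPLE_CLEAN)):
        hits, safe_text = audit(text)
        print(f"[{label}] credential in field(s): {hits or 'none'}")
        print(safe_text)
```

A plain `host:port` value, or a `user@host` value without a password part, produces no finding.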