SMTP should be fully functional at this point. Did you already refer to the Admin Docs for your set up? Are you seeing any error messages, or are your emails not being received?
There are 2 ways users can join your Forem: sign up or invitation. If you choose invitation you need SMTP to send the invitations; if you choose sign up, but have SMTP settings configured, users will need to confirm their email address to complete their sign up process (they can do this from the sign in page, thanks to this PR). I believe this is the case even if sign up takes place with OAuth, but can't be sure without asking the team.
As you've discovered, if your SMTP settings fail, all those users will be locked out of their accounts until you can fix the settings, because the Forem believes it has sent the emails and is expecting a confirmation. The same goes for any user accounts you may have for your own access, except the First User, so please ensure that you have access to your First User account.
I'm trying to get more info for you about rolling back SMTP settings to revert the email confirmation trigger. In the meantime, maybe we can try to troubleshoot your SMTP settings and get your emails working?
UPDATE: did you already try clearing all the fields in SMTP settings and saving those changes to reset the vars?
I am an Engineering Physics graduate from IIT Guwahati, but merely not restricted to Physics itself. In the past few years, I involved in many Cybersecurity blogging and now on Open-source.
Yes, clearing all the fields but after the pressing the update button, they are being reconfigured automatically to the previous values. In a way, I can update my settings to another SMTP settings, but unable to keep any of the SMTP VAR values Blank. Keeping them blank resulting in automatically configured to previous values.
For now, to solve this issue; I added a domain restriction => Which will forces the user to signup using my configured OAUTH(Github and Twitter) by restricting the email signup.
UPDATE:
Also an email-resgistered user (without email verification) can also automatically activate his account, by re-authenticate using his Github or Twitter (If his Github/Twitter account's email address matches with the sign-up email )
Smart thinking on forcing users into OAuth (although I'm still not 100% sure whether that fixes the issue of access - can you confirm if it worked for your users?).
We're looking into the issue you've encountered with removing SMTP settings and will try to get you an answer as soon as possible. Thanks for your patience and persistence, @akhil
!
Just out of curiosity, do you know what was it about your SMTP settings that didn't work?
I am an Engineering Physics graduate from IIT Guwahati, but merely not restricted to Physics itself. In the past few years, I involved in many Cybersecurity blogging and now on Open-source.
I am an Engineering Physics graduate from IIT Guwahati, but merely not restricted to Physics itself. In the past few years, I involved in many Cybersecurity blogging and now on Open-source.
Expecting this case, I made one of my Github authenticated accounts as super-admin. So I can safely test this scenario => I notify the status in just a minute.
Update: No issue of authentication with the First User (User ID: 1), I can safely login.
I am an Engineering Physics graduate from IIT Guwahati, but merely not restricted to Physics itself. In the past few years, I involved in many Cybersecurity blogging and now on Open-source.
I found the possible issue location, which might give incentives to the dev team. I will also update the post accordingly.
Both the Sendgrid and Sendinblue SMTP details are working, I confirmed this by using the send_email feature within the admin panel(people section). Also, the during the forget password the user was able to receive a password reset instructions.
I am an Engineering Physics graduate from IIT Guwahati, but merely not restricted to Physics itself. In the past few years, I involved in many Cybersecurity blogging and now on Open-source.
So, the issue was resolved with one exception of unable to reset the values to "No Value". Like, unfortunately, I was not able to remove the domain restriction in signup.
How SMTP issues can be resolved.
Unset and Re-SET the default_email from the server (cannot be done using Admin panel).
If domain was not authenticated in send-grid, we should create a sender email within send-grid with the same email as of default_email and not as noreply@example.com
But there are some issues with previous users, but new users have no issues; so configuring SMTP as early as possible in Forem Admin setup should be encouraged.
Persisting Issue
As mentioned above and many times, the admin was not able to undo the changes to no value.
Admin should have the ability to reset the changes he has done. Even though the problem with SMTP was resolved, I cannot remove domain restriction and added gmail as an acceptable domain(which is a bit weird)
if domain was not authenticated in send-grid, we should create a sender email within send-grid with the same email as of default_email and not as noreply@example.com
Ultimately, we can't account for every possible combination of user error, and our documentation attempts to address the issue of domain authentication for Sendgrid as well as other transactional mail providers. If we create conditional settings for specific email providers, we then take on responsibility for maintenance and upkeep of those settings as email providers change their own protocols. Our roadmap plans to broaden the possible reach of Forem, rather than tailor the product to specific third-party services, so instead we do our best to maintain documentation and continue to urge people to address the docs with their questions.
configuring SMTP as early as possible in Forem Admin setup should be encouraged.
Following the documentation as advised in the repo would lead users to understand the importance of SMTP creation earlier in the process. Maybe we need to push the docs harder so users understand that they should probably read ahead rather than choose their own adventure?
I am an Engineering Physics graduate from IIT Guwahati, but merely not restricted to Physics itself. In the past few years, I involved in many Cybersecurity blogging and now on Open-source.
SMTP should be fully functional at this point. Did you already refer to the Admin Docs for your set up? Are you seeing any error messages, or are your emails not being received?
There are 2 ways users can join your Forem: sign up or invitation. If you choose invitation you need SMTP to send the invitations; if you choose sign up, but have SMTP settings configured, users will need to confirm their email address to complete their sign up process (they can do this from the sign in page, thanks to this PR). I believe this is the case even if sign up takes place with OAuth, but can't be sure without asking the team.
As you've discovered, if your SMTP settings fail, all those users will be locked out of their accounts until you can fix the settings, because the Forem believes it has sent the emails and is expecting a confirmation. The same goes for any user accounts you may have for your own access, except the First User, so please ensure that you have access to your First User account.
I'm trying to get more info for you about rolling back SMTP settings to revert the email confirmation trigger. In the meantime, maybe we can try to troubleshoot your SMTP settings and get your emails working?
UPDATE: did you already try clearing all the fields in SMTP settings and saving those changes to reset the vars?
Yes, clearing all the fields but after the pressing the update button, they are being reconfigured automatically to the previous values. In a way, I can update my settings to another SMTP settings, but unable to keep any of the SMTP VAR values Blank. Keeping them blank resulting in automatically configured to previous values.
For now, to solve this issue; I added a domain restriction => Which will forces the user to signup using my configured OAUTH(Github and Twitter) by restricting the email signup.
UPDATE:
Also an email-resgistered user (without email verification) can also automatically activate his account, by re-authenticate using his Github or Twitter (If his Github/Twitter account's email address matches with the sign-up email )
Smart thinking on forcing users into OAuth (although I'm still not 100% sure whether that fixes the issue of access - can you confirm if it worked for your users?).
We're looking into the issue you've encountered with removing SMTP settings and will try to get you an answer as soon as possible. Thanks for your patience and persistence, @akhil !
Just out of curiosity, do you know what was it about your SMTP settings that didn't work?
I configured an account in this way.
But, when if I tried to login using email-id and password; it is asking me to confirm my account.
Is it also asking you to confirm your account as user ID 1 or just all other users?
Expecting this case, I made one of my Github authenticated accounts as super-admin. So I can safely test this scenario => I notify the status in just a minute.
Update: No issue of authentication with the First User (User ID: 1), I can safely login.
Ok, at least that is working as expected! Thanks for confirming :)
I found the possible issue location, which might give incentives to the dev team. I will also update the post accordingly.
Both the Sendgrid and Sendinblue SMTP details are working, I confirmed this by using the send_email feature within the admin panel(people section). Also, the during the forget password the user was able to receive a password reset instructions.
Great to hear that! Looking forward to getting more info on this one from you, and appreciate your perseverance as always!
So, the issue was resolved with one exception of unable to reset the values to "No Value". Like, unfortunately, I was not able to remove the domain restriction in signup.
How SMTP issues can be resolved.
default_email
from the server (cannot be done using Admin panel).default_email
and not asnoreply@example.com
Persisting Issue
no value
.Thanks for updating this post, @akhil
there is a current PR for being able to clear the fields for SMTP settings that should help fix some of the issues you're experiencing.
Ultimately, we can't account for every possible combination of user error, and our documentation attempts to address the issue of domain authentication for Sendgrid as well as other transactional mail providers. If we create conditional settings for specific email providers, we then take on responsibility for maintenance and upkeep of those settings as email providers change their own protocols. Our roadmap plans to broaden the possible reach of Forem, rather than tailor the product to specific third-party services, so instead we do our best to maintain documentation and continue to urge people to address the docs with their questions.
Following the documentation as advised in the repo would lead users to understand the importance of SMTP creation earlier in the process. Maybe we need to push the docs harder so users understand that they should probably read ahead rather than choose their own adventure?
Now the PR was merged and the issue was resolved. I also updated the post accordingly.
Great news! Glad to hear it's working for you now!