0

I have an application running on a server located in a secure network. The application needs to access a few online resources, which required firewall and proxy settings to be setup. Currently everything (HTTPS & SFTP) is working, except for the sending of emails.

For the application, I had to configure it to use a socks proxy and a HTTP proxy (both setup via command line options)

-Dhttp.proxyHost=aaa.net
-Dhttp.proxyPort=8080
-Dhttp.nonProxyHosts="localhost|127.*|[::1]"
-DsocksProxyHost=socks5.aaa.net
-DsocksProxyPort=8081

From within the network, a proxy to access the SMTP server is not required, only firewall access had to be provided for the application server to access SMTP (successfully tested via a PowerShell script, see further below).

The java code to send an email currently looks like this:

properties.put("mail.smtp.auth", "false");
properties.put("mail.smtp.timeout", 5000); // I read somewhere in another post that increasing the timeout can help, but it didn't
properties.put("mail.smtp.starttls.enable", "true"); // also tried "false"
//properties.put("mail.smtp.ssl.trust", host);
properties.put("mail.smtp.host", host);
properties.put("mail.smtp.port", port);
// I tested the above configuration first, before adding the following. The result was the same (it didn't work)
properties.put("mail.smtp.socks.host", "socks5.aaa.net");
properties.put("mail.smtp.socks.port", 8081);

MailSSLSocketFactory sf = new MailSSLSocketFactory(); // I've tested with and without this, the result seems to be the same
sf.setTrustAllHosts(true);
properties.put("mail.smtp.ssl.socketFactory", sf);

session = Session.getInstance(properties);

Message message = createAndFillMessage( .... ); // all the blah blah for the message

Transport.send(message);

The following error is what I get when the code runs (the Network is actually reachable, see further below)

com.sun.mail.util.MailConnectException: Couldn't connect to host, port: smtp.aaa.net, 25; timeout -1; Using SOCKS host, port: socks5.aaa.net, 8081;
  nested exception is:
    java.net.SocketException: SOCKS: Network unreachable
    at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:2209)
    at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:740)
    at javax.mail.Service.connect(Service.java:366)
    at javax.mail.Service.connect(Service.java:246)
    at javax.mail.Service.connect(Service.java:195)
    at javax.mail.Transport.send0(Transport.java:254)
    at javax.mail.Transport.send(Transport.java:124)
Caused by: java.net.SocketException: SOCKS: Network unreachable
    at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:487)
    at java.base/java.net.Socket.connect(Socket.java:666)
    at java.base/java.net.Socket.connect(Socket.java:600)
    at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:359)
    at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:238)
    at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:2175)
    ... 8 more

What I find extra confusing is that I've tested SMTP (from the server) via a simple PowerShell script to send an email using Send-MailMessage and for the PowerShell script I didn't have to enter any proxy details, just a plain text connection, no authorization or anything special and it just worked ... however, everything I've tried within the Java application has failed so far.

My suspicion is that the problem lies with the fact that I had to configure a SOCKS proxy for the SFTP connection, which is now somehow interfering with (what should be) a simple SMTP call.

Currently, Java 19 (OpenJDK 19) is being used on the server.

Eric
  • 1,321
  • 2
  • 15
  • 30
  • 1
    Does this answer your question? [JavaMail - Setting up ports, proxy and firewall](https://stackoverflow.com/questions/19092938/javamail-setting-up-ports-proxy-and-firewall) – life888888 Apr 14 '23 at 07:47
  • Hello @life888888 the accepted answer from that question implies that I need to use a 3rd party library. I'm not keen on that idea because of security reasons. If possible I'd really like to stick with standard Java classes/methods. – Eric Apr 14 '23 at 08:12
  • Do you or don't you need to use the proxy to reach the SMTP server? Your question is not clear on that. Also, the question linked by life888888 doesn't suggest you need a third-party library: the top-voted answer tells you it is built-in... However, have you tried using one way to configure socks, and leave out the other. The _"SOCKS: Network unreachable"_ error suggest that it can't connect to the socks proxy (or possibly, that the SOCKS proxy can't reach smtp.aaa.net; not sure). – Mark Rotteveel Apr 14 '23 at 09:16
  • The test script I created using PowerShell does not need to use a proxy, I just provide the SMTP host and port and it works. As for the Java code, I have already test the code without the extra `mail.smtp.socks.host` properties, but the exception is basically the same. Regarding the linked post, the top-voted answer is what I already tried (see the code) – Eric Apr 14 '23 at 09:18
  • Ok, so the problem is probably that you don't need a proxy for SMTP, but the proxy is applied anyway, because you configured it with the `-DsocksProxyHost` and `-DsocksProxyPort`. I would recommend trying without those `-D` property and **without** the `"mail.smtp.socks.host` and `.port` property set to see if you can connect. If that works, you may need to use a custom SocketFactory to create the `Socket` with `new Socket(Proxy.NO_PROXY)`. – Mark Rotteveel Apr 14 '23 at 09:27
  • To be clear, I'm just guessing, but that is the debugging/analysis approach I would take. – Mark Rotteveel Apr 14 '23 at 09:27
  • Hello @MarkRotteveel Thanks, I like your `Socket(Proxy.NO_PROXY)` suggestion, I will take a look at that now. That is inline with what I suspect is going on... – Eric Apr 14 '23 at 09:32

0 Answers0