Yeah, you have to use the first script which makes use of openssl. Try running it from the command line in a SSH session. You have to make sure to give it full login and password information (see the notes in the script on usage).
I'll take a few minutes to modify the old script to behave like the new one, but still while using openssl.
Let me know if you're able to send an email from the command line with the original script.
Here's a revised version of the ORIGINAL script that still uses openssl. The syntax is now the same as the new script that uses curl.
You have to modify the script to put in your login information and the default email address at the designated three places.
From a SSH session, make sure it's executable then call it with /(your path)/sendgmail.sh test testing
If the script works, and you don't get anything in your inbox, check your spam folder? It could also be that port 587 is being blocked by your ISP or your router for some reason.
If it doesn't work, modify the script and remove the "2>&1" near the bottom on the QUIT line. Also remove "-quiet > /dev/null 2>&1" on the openssl line. Call the script again, and it should show you a bunch of output to see what's going on.
Sending email through Gmail... depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify error:num=20:unable to get local issuer certificate
250 SMTPUTF8
read:errno=0
Done!
It looks like some SSL certificate issue. Can you give some more information :
1. Which script are you using (I'm assuming version 1.1 that uses openssl)?
2. What is your router model and firmware version?
3. Does the router send an email anyway, even though it gives an intermediate error?
4. Did you modify the script in other places than the USER, PASS, and DEFAULT at the top? It's strange that it's displaying errors because of the 2>&1 that redirects. The only place it doesn't redirect is the base64 encoding lines at AUTH64 and PASS64.
5. Can you verify that this lines works in a SSH session :
Code:
echo -n test | openssl enc -base64
You should get a bunch of letters with two equal signs.
Hopefully someone still tracks this topic a year later. The error(s) are only shown when you remove the redirects.
I tried to use the script as-well and bumped into the same sort of certificate issue.
Code:
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify error:num=20:unable to get local issuer certificate
250 HELP
In response to your questions:
1. Yep, 1.1
2. NetGear R6400 - KB 30700M
3. Nope, processes hang and take 2.xx load till I killed the two tries
4. Not at first, later I added the variable SMTP and changed the line, since I want to use a different SMTP server.
5. Yep, works like a charm and curl is also available[/code] _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Hey I'm glad you posted! I can clear some things up:
- getting a warning about "unable to get local issuer certificate" is ok (as long as you trust the server) as it means the server's SSL could not be verified (by you, since you don't have the files)
- changes in latest openSSL versions that were compiled in the firmware have screwed things up that worked before
- you have to add the argument -cipher ECDHE-RSA-AES128-GCM-SHA256 on the openSSL line after the -quiet so that it reads:
- if you have curl installed, there is an even faster one liner (I've added a configurable SMTP server variable for you in the script):
Code:
#!/bin/sh
#
#
# This script sends an email through gmail using the curl command.
#
# Usage : sendgmail.sh [recipient] subject body
#
#
# Version 1.2 (with curl this time!)
#
# Author: raphman321
#
#
# Note: you must turn ON "Access for less secure apps" in the Gmail settings:
# https://www.google.com/settings/security/lesssecureapps
# I therefore recommend you create a separate Gmail account just for your router.
#
#
# Use line feeds \n in body to force a carriage return.
#
# The login and password are hard-coded into the script:
USER="your_login@gmail.com"
PASS="your_password"
SMTP="smtps://smtp.gmail.com:465"
# Default email to send to
DEFAULT="destination_email@gmail.com"
# Let's check if there is a recipient email address (with the @ symbol) -- no pattern matching [[ ]] in ash apparently !
if [ $(echo $1 | grep "@") ]; then
RECIPIENT=$1
shift # Move all parameters down one
else # Otherwise send to me by default
RECIPIENT=$DEFAULT
fi
# Pick out subject and body from arguments
SUBJECT=$1
BODY=$2
# Echo the email to the curl command
# --ssl-reqd have to use SSL/TLS right away (since connecting to 465 instead of 587)
# --insecure to ignore checking security certificates
# --silent to silence all output
# --ciphers have to specify which cipher to use with DD-WRT otherwise it doesn't connect
echo -e "Subject: $SUBJECT\n\n$BODY" | curl --url "$SMTP" --mail-from "$USER" \
--mail-rcpt "$RECIPIENT" --user "$USER:$PASS" --ssl-reqd --insecure --silent --ciphers ECDHE-RSA-AES128-GCM-SHA256 -T -
sendgmail.txt
Description:
Don't forget to rename to .sh and change the permissions to executable!
Thx, I was a bit busy but will give it a try within the next 24 hrs _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Too bad, it does not work. No error message either.
The server supports STARTTLS, TLS and SSL, and is listening to 587.
I guess I'll use the RasPi to collect data from the DD-WRT and mail it with SSMTP, since that works like a charm. I am very limited in time and do not have many to spend on this puzzle
Thanks anyway! _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Sorry to dig up an old thread but I've finally joined this extremely informative/helpful forum and I've always wanted to say Thank you to raph321 for this neat lil script
both ssl version 1.1 and CURL version 1.2 have helped in keeping me informed of things flawlessly for a couple years now _________________ Location 1
R7800- DD-WRT v3.0-r53562 (10/03/23) Gateway
WNDR3400v1 DD-WRT v3.0-r35531_mega-nv64k (03/26/18 ) Access Point
WRT160Nv3 DD-WRT ?v3?.0-r35531 mini (03/26/18 ) Access Point
WRT54GSv5 DD-WRT v24-r33555_micro_generic (10/20/17) Repeater
Location 2
R7800- DD-WRT v3.0-r51855 (02/25/23) Gateway
R6300v2- DD-WRT v3.0-r50671 (10-26-22) Access Point
WNDR3700v2 DD-WRT v3.0-r35531 std (03/26/18 ) Access Point
E1200 v2 DD-WRT v3.0-r35531 mega-nv64k (03/26/18 ) Gateway(for trivial reasons)
RBWAPG-5HACT2HND-BE RouterOS-v6.46.4 (2/21/20) Outdoor Access Point
2x RBSXTG-5HPACD RouterOS-v6.46.4 (2/21/20) PTP Bridge 866.6Mbps-1GbpsLAN
Location 3
2x R7000- DD-WRT v3.0-r50671 (10/26/22) Access Points
2x RBWAPG-60AD RouterOS-v6.45.9 (04/30/20) PTP Bridge 2.3Gbps-1GbpsLAN
2x RBSXTsqG-5acD RouterOS-v6.49.7 (10/14/22) PTP Bridge 866.6Mbps-1GbpsLAN Thank You BrainSlayer for ALL that you do & have done, also to "most" everyone here that shares their knowledge