Email troubleshooting

FileHold uses a straight forward email configuration for sending notifications and relies on Windows and .NET services for sending email messages. When email notifications are not being received by users, there are a number of things to check in the following order.

  1. Can you send a test email.
  2. Check that schedule tasks are executing correctly.
  3. Check that your outbound email server is forwarding the emails.
  4. Check that your inbound email server is forwarding the emails.

Test email gives an error

You will generally need to be an administrator for your email server to complete these steps or have explicit directions from your email administrator.

Error message: Check the mail account settings

This may be accompanied by additional clarifying messages.

  • Failure sending mail.
  • The operation has timed out.
  • Error in processing.
  • Bad sequence of commands.
  • The SMTP server requires a secure connection or the client was not authenticated.
  • The server response was: <various-email-server-dependent-messages-here>

Older versions of FileHold will never provide the email server response. Upgrade to the latest FileHold version or use a tool like Powershell Send-Message to get more details from the email server.

  1. Did you press the Update button after making changes to the email settings?
  2. Verify the name or address of the email server.
  3. Check that port you have set is available for use on the email server. FileHold does not support the types of connections typically used with port 465.
  4. If you chose to not require authentication, make sure the email server allows that.
  5. If you chose not to encrypt email, make sure the email server allows that.
  6. Does the email reply address match the user you are authenticating with? This is prevented by many email servers or special permissions may be required to allow this. Depending on your FileHold configuration, this could prevent users from using the built-in email client. This does not affect using an email client like Outlook.

Error message: STARTTLS is required to send mail

Your email server is requiring an encrypted connection. Make sure you check the box in the email settings.

Office 365 email used to work, but recently stopped

Starting in late 2021, Microsoft has started disabling certain email connection options by default or permanently. This may cause emails to stop working unexpectedly. Check the following two configuration items.

  1. Permission for SMTP authentication.
  2. Support for TLS 1.0 or 1.1.

Microsoft provides an SMTP troubleshooting page.

Permission for SMTP authentication

This is an optional feature that is disabled by default. If you get a message like the following, you likely need to update the permissions for the email user.

Error: 535 5.7.139 Authentication unsuccessful, SmtpClientAuthentication is disabled for the Tenant.

You can change this permission from the Office 365 administration by opening the User properties > Mail > Manage email app then checking the "Authenticated SMTP" box.

Support for TLS 1.0 or 1.1

Microsoft has been transitioning all tenants to use only TLS 1.2. Look for an Schannel error like the following in your system event log.

A fatal error occurred while creating a TLS client credential.

Your FileHold server must be configured to support the minimum TLS protocol version at your email server.

If TLS 1.0 has been disabled at your email server and you are running FileHold version 16.2.x or older, you many need to upgrade your FileHold to the latest version.

FileHold version 16.2 and 16.1 configuration changes

These versions of FileHold may have issues communicating with your email server even if TLS 1.2 is correctly configured. Note the following error which may appear for version 16.2:

The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 Client not authenticated to send mail. Error: 535 5.7.139 Authentication unsuccessful, the user credentials were incorrect.

This can be repaired with a couple of web.config file updates in the following files:

  • C:\Program Files\FileHold Systems\Application Server\DocumentRepository\web.config
  • C:\Program Files\FileHold Systems\Application Server\WebClient\web.config

For both files, edit the httpRuntime tag to include the attribute targetFramework="4.6". For example, <httpRuntime maxRequestLength="2097151" executionTimeout="65000" targetFramework="4.6"/>.

For the web client only, add the following appSettings key.

<add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />  

Office 365 email does not work with FileHold when SMTP authorization is disabled

If you get the following message make sure to follow the steps above for Office 365 as SMTP authorization is not available for the configured user. 

The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 Client not authenticated to send mail. Error: 535 5.7.139 Authentication unsuccessful, the user credentials were incorrect.

Gmail used to work for email, but now has stopped

Google has some advice on preparing your account for application SMTP authentication. If you are getting a 5.7.0 Authentication Required, and you are using Googles second option for enabling SMTP, make sure you have set up an app password for FileHold and you have entered that into the user password fields instead of the normal password for your user.

Send as denied

You may see a message like, 5.2.252 SendAsDenied; [email protected] not allowed to send as [email protected]. This means your email server is not configured to allow spoofing. In some cases, spoofing will never be allowed. If you got this sending a test message, make sure your email account and reply email are the same. If you got this sending an email from a user account using the FileHold email client, you will need to either reconfigure your email server to allow spoofing or you can adjust FileHold to send the email with your central account. In this latter case, recipients will see the reply address as the central account regardless of the user that sent the email. Add a key to the appSettings section in the library manager web config.

  • C:\Program Files\FileHold Systems\Application Server\LibraryManager\web.config

<add key="Email.FromGlobalUser" value="true" />

Checking scheduled tasks

FileHold depends on a number of Windows scheduled tasks to be running for many of your notifications to work correctly. Check those tasks with "email" or "notification" in the name to see if they are enabled, if their last run was successful and if their next run is planned in a reasonable time. If the task history is disabled, you may wish to enable it to track its progress while you diagnose an issue.

Checking your email server

FileHold can do everything perfectly including sending an email to your email server, but that does not guarantee the email will be sent. Emails can get blocked due to email addresses that are incorrect, network failures, email server, excluded lists, etc. Most email servers provide a log of messages they receive and forward on. Verify that the messages FileHold gave to your email server were forwarded to their destination. In some cases many email servers may handle your email and it may take a number of hours or days until the message is eventually rejected. If you are using a very low cost email service, you may not have access to the detailed message sending logs and you are on your own (time to upgrade).