Email notifications

[j.rieff]

I am setting up a new ISY-994i. I am on the setup section pertaining to email notifications. In the dialog box, I enter the SMTP server name and port (in my case - smtp.gmail,com and 465). then I enter my gmail user name and password. When I try a test, I get a dialog box that says Mail Server Failure. Not sure what I am missing here.

 

 

[Teken]

I am setting up a new ISY-994i. I am on the setup section pertaining to email notifications. In the dialog box, I enter the SMTP server name and port (in my case - smtp.gmail,com and 465). then I enter my gmail user name and password. When I try a test, I get a dialog box that says Mail Server Failure. Not sure what I am missing here.

 

Try port 587 and include the following or similar in the FROM: ISY 994 Series Controller:youremailaddress@gmail.com

[TrojanHorse]

In some instances, you may also need to log into your gmail account, go to settings and then allow less secure apps.

 

https://support.google.com/accounts/answer/6010255?hl=en

 

I'm not sure if this is required with latest ISY but is required for many devices / apps.

 

 

 

Sent from my iPhone using Tapatalk

[Michel Kohanim]

Hi j.rieff,

 

More information on setting up gmail account/ISY:

http://wiki.universal-devices.com/index.php?title=ISY994:Configure_Mail_Server_Settings#Configuring_gmail_Account

 

 

With kind regards,

Michel

[j.rieff]

Thanks everyone. The suggestions worked. Now, onto the next phase of the installation. It should be fun.

[bocaray]

Email has been working great until now via frontier. Updated firmware and getting "Mail server failure [password not accepted]"  Nothing has changed!  Password works from IE and Chrome?  Tried to use gmail, same error.

Can't seem to figure this out.  Worked great for a long, long time but now not working.  Any ideas?  Getting tired of trying set up over and over again with no result. 

[Teken]

Email has been working great until now via frontier. Updated firmware and getting "Mail server failure [password not accepted]"  Nothing has changed!  Password works from IE and Chrome?  Tried to use gmail, same error.

Can't seem to figure this out.  Worked great for a long, long time but now not working.  Any ideas?  Getting tired of trying set up over and over again with no result. 

 

Hello,

 

Can you offer a little more detail as to the gear in use?

 

- 99 vs 994 Series Controller

- Ports 587 vs 465

- FROM: ISY 994 Series Controller:youremailaddress@gmail.com

- Reviewed the WiKi entry offered by Michel: http://wiki.universal-devices.com/index.php?title=ISY994:Configure_Mail_Server_Settings#Configuring_gmail_Account

[bocaray]

994 latest firmware.  When I clear the email setting and reenter my Frontier info and then hit test - it send a test message BUT only 1 time.  If I hit test again or on any other group I get a error.  Using same settings as outlook. smtp.frontier.com / port 25 /4 secs.

Double check address and password and confirmed correct.  Why it send the first test but no others is driving me crazy.

[bocaray]

So now I discovered that if I wait several minutes then it will send another email 'test'.  Not sure how long to wait but I just waited ~30 minutes. This may explain why multiple conditions that are to send emails do not happen consistently. Are there timelimits in the firmware???

[Teken]

So now I discovered that if I wait several minutes then it will send another email 'test'.  Not sure how long to wait but I just waited ~30 minutes. This may explain why multiple conditions that are to send emails do not happen consistently. Are there timelimits in the firmware???

 

Is this using GMAIL? I ask because as far as I am aware there is no time limit. I know this as fact because the system in the past has blasted me with hundreds of emails within a four minute time frame.

[stusviews]

994 latest firmware.

 

"Latest firmware" is meaningless. Do you mean the latest release candidate or the latest official release? And what about the UI? Both matter.

[bocaray]

NOT gmail.  Using Frontier communications email. Worked flawlessly for more than a year.  Just recently (after release update) that issues have started. Really, "meaningless?", obviously I meant 'latest official release' when I said firmware. What ABOUT the UI??? Sort of meaningless? What are you asking?

[larryllix]

NOT gmail.  Using Frontier communications email. Worked flawlessly for more than a year.  Just recently (after release update) that issues have started. Really, "meaningless?", obviously I meant 'latest official release' when I said firmware. What ABOUT the UI??? Sort of meaningless? What are you asking?

The phrase "latest" is meaningless as Stu posted. Clarification is being requested, that's all.

 

I am running v5.0.8 as the latest version.

 

There is latest release candidate.

There is latest official release.

There is latest alpha/beta firmware release.

[bocaray]

Version 4.5.4

[Teken]

Version 4.5.4

 

With out more detail regarding this Frontier mail service I would suggest you create a dedicated GMAIL account. Using the WiKi entry I provided up above you can see if the controller allows normal mail flow.

 

The benefit of using a dedicated email address from GMAIL is that its only function is to provide you notifications from the ISY Series Controller and nothing more. You will never have to worry about filtering out *Normal Mail* vs email dedicated to the home automation system.

 

Obviously this doesn't address your Frontier issue at the moment. My reply is solely from the point of view to help you achieve a 100% up time for mail delivery while you continue to trouble shoot the Frontier SMTP mail issue(s).

 

Happy New Years! 

[stusviews]

Version 4.5.4

 

For both the firmware and the UI?

[jtara92101]

Version also matters for the sanity of future forum readers. Posts and responses are not only to answer your question or solve your problem, but to benefit future readers.

 

Future readers should not be expected to check the date of a post that references the "latest" firmware to see what version that refers to!

[bocaray]

Yes both firmware and UI. Extended the timeout to 8 seconds but email is spotty and unreliable. Every 3rd email gets sent.  Will try GMAIL this weekend but I suspect it is Frontier.

[bocaray]

Finally gave up and went to Gmail account settings.  All works good now.  Thanks Frontier (schmucks!)

[nwchicago]

Is there a way to use gmail without disabling the "deny access to less secure apps" setting in gmail account security?

[MWareman]

Is there a way to use gmail without disabling the "deny access to less secure apps" setting in gmail account security?

No.

 

'Secure Apps' just means it uses Google's identity provider and does 'bearer' based authentication. The reason it's more secure is the password does not need to be stored on the client, and the authentication can easily be revoked.

 

Given you own the client (ISY), the risk is lower.

 

If you want to mitigate, enable 2FA in the Google account and generate an 'Application Specific' password for your ISY to use. You'll still need to enable 'Less secure Apps', but the risk is much lower since your regular Google account password cannot then be used against the SMTP service.

 

Michael.

[nwchicago]

No.

 

'Secure Apps' just means it uses Google's identity provider and does 'bearer' based authentication. The reason it's more secure is the password does not need to be stored on the client, and the authentication can easily be revoked.

 

Given you own the client (ISY), the risk is lower.

 

If you want to mitigate, enable 2FA in the Google account and generate an 'Application Specific' password for your ISY to use. You'll still need to enable 'Less secure Apps', but the risk is much lower since your regular Google account password cannot then be used against the SMTP service.

 

Michael.

Thanks. I guess I'll use two form identification.

I'm always a bit concerned if my phone is missing when I need to check email.

 

What about setting up a dummy notification account with gmail that is only used for alerts.

 

Is there any security Risk to the recipients of the account were hijacked by bad guys?

 

Thanks.

 

Chicago

 

 

Sent from my iPhone using Tapatalk

[MWareman]

Thanks. I guess I'll use two form identification.

I'm always a bit concerned if my phone is missing when I need to check email.

 

What about setting up a dummy notification account with gmail that is only used for alerts.

 

Is there any security Risk to the recipients of the account were hijacked by bad guys?

 

Thanks.

 

Chicago

 

 

Sent from my iPhone using Tapatalk

If you setup a secondary account (I use this myself for ISY emails) then don't use it as a recovery email address for your primary with 2FA. Otherwise, if the secondary is compromised an attacker could probably switch off 2FA on your primary. Keep it dedicated and seperate for the ISY to use. Still turn on 2FA on it and use an app specific password....

 

Personally, I opt for no recovery email (to close that attack vector entirely). I have two Yubikeys registered to my Google accounts, one on my keyring and the other in a safety deposit box. If my phone died (where the authenticator app runs) I can easily recover the account with a Yubikey. However, that's likely a little extreme... However, the Yubikey is a great backup to the phone missing/out of reach problem.

 

I use a secondary mostly for aesthetics - the sent mail didn't appear in my primary accounts sent folder. And hey, it's free - so why not.

 

Michael.

[nwchicago]

Michael, this is a great idea. I've never heard of Yubikey - is it a USB hardware token to authenticate gmail?

So this is a quick summary:

1. Set up a notification only email account with 2FA.

2. Do not set up any recovery email.

3. Implement 2FA on Primary email account

4. Buy 2-3 Yubikeys and link to primary email account as backup

5. Store extra yubikeys in protected location.

6. Configure isy admin for notification email account

 

 

Sent from my iPhone using Tapatalk

[MWareman]

Yubikey is indeed a hardware token. They offer USB, mini USB (as in virtually invisible) and a combo USB/NFC hardware token. They support services that use U2F in their authentication flow (Google and Facebook do) and other services that directly support Yubikey directly (like LastPass). It's my go-to hardware 2FA solution.

 

The only thing to add - in your notification only account, use a Yubikey for 2FA to backup the soft token on your phone. Also, make sure to configure an app-specific password for ISY to use as well as enable 'Less secure 'Restore apps... (which appears counter intuitive at this point, since it's enabling a far more secure environment).