Password recovery SMTP settings not working
Under System > Administration > Password Recovery
I am trying to set this up using my Gmal SMTP credentials.
Issue #1 - There is no place to enter the port number for the SMTP server. Gmail, iCloud, my private hosting account... all require secure authentication on port numbers (465, 587, or 993), which are not port 25.
Issue #2 - The password is never saved. I enter the password and hit the "save" button. But when I go back to these settings, the password field is blanked out.
Issue #3 - The whole thing just fails with an error to check the settings. My guess is that it needs a secure port number (465, 587, or 993) or the password is missing. Either way, this function is completely broken.
Unless somebody can explain what magical settings can be used or if there is an SMTP server that is known to work with this function, I've love to hear about it. Thank you!
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi Sparky
I was able to replicate the same issue on our AX20. I will need to send this to our software team to investigate. In the meantime you have two alternatives. 1. Set the password recovery up without authenication. 2. Link you router to a TP-Link ID cloud account. This will also allow you to have remote access via the cloud by using a Mobile device and the Tether app linked to the same ID.
- Copy Link
- Report Inappropriate Content
Carl wrote
Hi Sparky
I was able to replicate the same issue on our AX20. I will need to send this to our software team to investigate. In the meantime you have two alternatives. 1. Set the password recovery up without authenication. 2. Link you router to a TP-Link ID cloud account. This will also allow you to have remote access via the cloud by using a Mobile device and the Tether app linked to the same ID.
After a VERY painful online chat session that lasted over 75 minutes , it ended up escalated to level 2 support: [TPLINK SUPPORT #393339]: Chat ID: 15336769
Regarding your suggestion #1: I am trying to use either iCloud or Gmail SMTP server for sending and I seriously doubt either of these companies would allow SMTP without authentication.
My primary goal was to get this issue reported as a bug.
Thank you for at least confirming my observations and hopefully a fix can get pushed out at some point.
- Copy Link
- Report Inappropriate Content
@Sparky672 Hi. I'm just writing to say that I've run in to the same problem. . It certainly seems broken.
- Copy Link
- Report Inappropriate Content
@Sparky672 Hi Again - I hope this is helpful..... I got an email from Google that an un-secure app was trying to access my account. Since the details of that indicate that it was me, I assume the tplink Archer A7 is deemed an un-secure device or app. Makes sense, since none of the usual security info is required on the setup page, I think?
- Copy Link
- Report Inappropriate Content
Slow_Hand wrote
@Sparky672 Hi Again - I hope this is helpful..... I got an email from Google that an un-secure app was trying to access my account. Since the details of that indicate that it was me, I assume the tplink Archer A7 is deemed an un-secure device or app. Makes sense, since none of the usual security info is required on the setup page, I think?
You are exactly correct. I responded to the Google warning, which supposedly allows the "un-secure" app. I never got the Google warning again, but it still does not work. My guess is the fact that you cannot properly set it up... missing critical details... port number, encryption method, etc, not to mention the password field that always seems to be blank.
FYI for TP-link @Carl ... the page where you can email yourself a copy of the log has the exact same issue.
- Copy Link
- Report Inappropriate Content
I have the reason for this. Our email service does not work with SSL or TLS. While Google did switch to SSL back in 2012 the most popular is still POP and IMAP. I have asked if we plan on changing this since Google is by far the most popular email service out there. If i get any updates I will let you know.
- Copy Link
- Report Inappropriate Content
You did not mention the password field. When I save the password and go back to this setting, the field is blanked out. How do we know if the SMTP password is saved when the router GUI shows nothing there??
Carl wrote
Our email service does not work with SSL or TLS.
This makes absolutely no sense. What are you talking about when you say "our" mail service. When you enter the parameters into any email client, it's communicating with GMAIL's service, not your own service. Do you perhaps mean your router software does not work with SSL or TLS? So then I'm assuming port 25 only.
Carl wrote
While Google did switch to SSL back in 2012 the most popular is still POP and IMAP.
Again, this makes no sense... Gmail is IMAP (and POP), it was IMAP/POP in 2012, and in 2020 is offering access through IMAP and POP protocols... SSL is just the security method for user authentication.
And what does 2012 have to do with anything? It's 2020 now and if Gmail has been using secure authentication for their servers since 2012, TP-Link should have absolutely no excuse for software being 8 years behind on a router that was released last year!
Carl wrote
I have asked if we plan on changing this since Google is by far the most popular email service out there.
Hahaha... and your user manual for this router shows the Gmail SMTP server as the example. LOL
Forgetting about Gmail/Google for a moment, there are NO email services out there that I can find that will work with this router! Just point to one. They all want secure authentication for sending mail from their SMTP servers. A company like TP-Link that sells routers with firewalls should know a little bit about security.
So you absolutely need to fix this because it's not secure and completely useless; until then, TP-Link's software engineers should be thoroughly embarrassed.
At the very least this feature of sending mail from the router should be clarified that it's "port 25 only without SSL/TLS" or just removed entirely since nobody has access to an email account that uses port 25 without secure authentication.
- Copy Link
- Report Inappropriate Content
Yes I did and they didn't mention anything about that part. I did ask for a follow to that one.
That is how it was described to me, It could be lost in translatation as we are communicating with our Engineering team in China and as English is there 2nd language they made be trying simplfy it for us to reduce misunderstandings.
Yeah I re-read that and also thought that did not may sense since POP and IMAP are for incomming not outgoing. The mention of 2012 was actually a bit of dumbfoundness that Google had been using that for that long and we haven't updated our side.
As does the FAQ associated with this feature. A point i also made in my response to them. I have also asked them to provide a list of email service that do work. Once i have that I will give you more details.
- Copy Link
- Report Inappropriate Content
Carl wrote
Yes I did and they didn't mention anything about that part. I did ask for a follow to that one.
That is how it was described to me, It could be lost in translatation as we are communicating with our Engineering team in China and as English is there 2nd language they made be trying simplfy it for us to reduce misunderstandings.
Yeah I re-read that and also thought that did not may sense since POP and IMAP are for incomming not outgoing. The mention of 2012 was actually a bit of dumbfoundness that Google had been using that for that long and we haven't updated our side.
As does the FAQ associated with this feature. A point i also made in my response to them. I have also asked them to provide a list of email service that do work. Once i have that I will give you more details.
I appreciate your honesty in this conversation.
Carl wrote
I have also asked them to provide a list of email service that do work.
I doubt this is possible... but at least their failure to come up with a reasonable response would only prove my point.
Perhaps TP-Link upper management needs to be made aware of these security flaws and GUI issues?
Thank you for the response.
- Copy Link
- Report Inappropriate Content
So I received this email message from a Fritz Peng, Senior Engineer at TP-Link:
Dear John,
This is Fitz senior engineer from TP-Link support who gonna help with your problem~
May I ask if you have an email service that doesn't support SSL and TLS?
You can use that email address to give it a try to see if the recovery email can be sent correctly.
Thanks~
This was my response:
Hi Fitz -
Unfortunately, I know of NO email provider that would allow authenticated access to their SMTP servers without SSL/TLS security. Do you know of one? I also don’t understand how a company such as TP-Link would suggest doing such a thing.
I currently have Gmail, iCloud, and my own shared hosting account, all which mandate SSL/TLS authentication on the email services they provide.
Google/Gmail has mandated SSL/TLS for nearly a decade, so why is TP-Link so far behind? Even the user manual for this router is incorrect as it shows Gmail SMTP in the example and that service is literally impossible if you cannot allow SSL/TLS.
Perhaps if there is some technical reason why you cannot offer the correct authentication settings through the router interface, then any feature offering the sending of email should be removed. As a user I would rather not see options that are broken or obsolete.
Thank you
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 9484
Replies: 31
Voters 0
No one has voted for it yet.