Search code examples
phplaravellaravel-authentication

Expected response code 250 but got code "554", with message "554 Message rejected | Laravel Using TO Email

  • Laravel Version: 8.27
  • PHP Version $ php --version: PHP 8.0.3 (cli)
  • Database Driver & Version $ mysql --version: mysql Ver 8.0.23-0ubuntu0.20.04.1

Problem Statement:

I'm getting TO email in FROM email which of course will not be verified in Amazon SES in POST password/email.

Description:

Let [email protected] will ask for Password Reset Link via email. Generally [email protected] will send password reset link. However, In my case [email protected] is trying to send password reset link to itself.

In Amazon SES we need to verify email to send mail through SES service. So I've verified [email protected].

Note: Both domain are different example1.com and example2.com. example1.com is setup on Amazon SES.

Exception:

Swift_TransportException (554)

Expected response code 250 but got code "554", with message "554 Message rejected: Email address is not verified. The following identities failed the check in region REGION: [email protected] "

Configuration:

$ php artisan route:list

+--------+----------+-----------------------------------------------+------------------------------------+-------------------------------------------------------------------------------+-------------------------------------------------------+
| Domain | Method   | URI                                           | Name                               | Action                                                                        | Middleware                                            |
+--------+----------+-----------------------------------------------+------------------------------------+-------------------------------------------------------------------------------+-------------------------------------------------------+
|        | POST     | password/email                                | password.email                     | App\Http\Controllers\Auth\ForgotPasswordController@sendResetLinkEmail         | web                                                   |

App\Http\Controllers\Auth\ForgotPasswordController.php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;

class ForgotPasswordController extends Controller
{

    use SendsPasswordResetEmails;

vendor\laravel\ui\auth-backend\SendsPasswordResetEmails.php

namespace Illuminate\Foundation\Auth;

use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Password;
use Illuminate\Validation\ValidationException;

trait SendsPasswordResetEmails
{
 

    public function sendResetLinkEmail(Request $request)
    {
        $this->validateEmail($request);

        $response = $this->broker()->sendResetLink(
            $this->credentials($request)
        );

        return $response == Password::RESET_LINK_SENT
                    ? $this->sendResetLinkResponse($request, $response)
                    : $this->sendResetLinkFailedResponse($request, $response);
    }

vendor\laravel\framework\src\illuminate\Auth\Passwords\PasswordBroker.php

namespace Illuminate\Auth\Passwords;

use Closure;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Illuminate\Contracts\Auth\PasswordBroker as PasswordBrokerContract;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Support\Arr;
use UnexpectedValueException;

class PasswordBroker implements PasswordBrokerContract
{

    public function sendResetLink(array $credentials, Closure $callback = null)
    {

        $user = $this->getUser($credentials);

        if (is_null($user)) {
            return static::INVALID_USER;
        }

        if ($this->tokens->recentlyCreatedToken($user)) {
            return static::RESET_THROTTLED;
        }

        $token = $this->tokens->create($user);

        if ($callback) {
            $callback($user, $token);
        } else {

            $user->sendPasswordResetNotification($token);
        }

        return static::RESET_LINK_SENT;

.env

MAIL_DRIVER="smtp"
MAIL_HOST="test-smtp.region.amazonaws.com"
MAIL_PORT="25"
MAIL_USERNAME="USER..."
MAIL_PASSWORD="PASS..."
MAIL_ENCRYPTION="tls"
MAIL_FROM_ADDRESS="[email protected]"
MAIL_FROM_NAME="foo"
Solution

  • It seems to me like your AWS mailing service or Laravel is not correctly setup

    https://aws.amazon.com/premiumsupport/knowledge-center/ses-554-400-message-rejected-error/

    You could try using mailtrap.io out of the box to test stuff.

    That kind exception usually raises when the Server that's supposed to send the e-mail is rejecting it. Usually the case for SMTP or AWS SES. There is also a possibility that you're trying to send through an outlook account through SMTP and security policies won't let you send the message.

    However if I got this right you want to send emails as if people sent them theirselves. That won't be possible because you don't have the ability to verify all emails. *@*

    As a solution you can use reply-to option, or no-reply as the sender if you don't want the user to be able to reply.

    If you are not trying to send mail as to@, but instead from@ make sure the MAIL_FROM_EMAIL is correctly set in env.

    Emails should not be sent unencrypted

    Email ports to use:

    Protocol    Security Setting    Port Number(s)
SMTP (sending mail)     Encrypted - TLS/STARTTLS    465
SMTP (sending mail)     Encrypted - SSL             465
SMTP (sending mail)     Unencrypted                 25* (or 26)

POP3 (receiving mail)   Encrypted - TLS             995
POP3 (receiving mail)   Encrypted - SSL             995
POP3 (receiving mail)   Unencrypted                 110
IMAP (receiving mail)   Encrypted - TLS             993
IMAP (receiving mail)   Encrypted - SSL             993
IMAP (receiving mail)   Unencrypted                 143

    https://billing.precedence.com.au/billing/knowledgebase/70/Mail-Ports-for-POP3-IMAP-and-SMTP.html