No password reset links sending to Gmail accounts

No password reset links sending to Gmail accounts

by Emma Lindsay -
Number of replies: 6
Hi all,

I keep getting emails from gmail users saying they don't get the password reset link from our Moodle site (4.1 lambda theme). It works fine for me on other email accounts. I set up a gmail acocunt on the the site and had the same issue. The password reset link doesn't arrive and it's not in spam or anything either. Any ideas how to fix this? Thanks in advance.
Average of ratings: -
In reply to Emma Lindsay

Re: No password reset links sending to Gmail accounts

by ryan lesperance -
Hi did you ever get a solution to this?
Average of ratings: -
In reply to ryan lesperance

Re: No password reset links sending to Gmail accounts

by Ken Task -
Picture of Particularly helpful Moodlers
@both in this thread ...

Do a query of mdl_user table:
select id,auth,firstname,lastname,email,password from mdl_user where email like '%gmail.com';

In what is returned, does auth = oauth2 and do you see a password (hashed)?

If you have anything in password, user used gmail.com address but password is in your system ... not using Google IAM.  

If you see nothing in password,  then you have Google IAM auth setup for your Moodle site.

IF no oauth2's show up, then users might have used their gmail.com address but with
a manual (entered by user) password in your system.

Google might drop those messages to change password - won't be in spam - looks too fishy to Google.

Google over the last year or so, required Google IAM clients to re-certify their mini IAM
app ... especially if site had used an @gmail.com address for the System Account in the IAM setup.  

Did that address get any such notifications from Google?

Also, Google and Yahoo are now requiring DKIM to communicate.
That's a DNS thing but the generation of the DKIM info has to be generated from
your server.

https://moodle.org/mod/forum/discuss.php?d=435481
https://docs.moodle.org/403/en/Mail_configuration#DKIM

As is normal when it comes to email, no easy answer and no easy solution can be provided publically in these forums.

'SoS', Ken

Average of ratings: -
In reply to Ken Task

Re: No password reset links sending to Gmail accounts

by Ralph Ballier -
Picture of Particularly helpful Moodlers
Hello,

we had a similar problem with emails to gmail.

In such cases, it is always useful to look at the error messages in the mail log. We have the pretty clear error message there (just the essential excerpt):

"..... dsn=5.7.26, status=bounced (host gmail-smtp-in.l.google.com[74.125.206.26] said: 550-5.7.26 This mail has been blocked because the sender is unauthenticated. 550-5.7.26 Gmail requires all senders to authenticate with either SPF or DKIM. 550-5.7.26 550-5.7.26 Authentication results: 550-5.7.26 DKIM = did not pass 550-5.7.26 SPF....."

This made it clear what action needed to be taken.

Ralph
Average of ratings: -
In reply to Ralph Ballier

Re: No password reset links sending to Gmail accounts

by Ken Task -
Picture of Particularly helpful Moodlers
@Ralph ... so you have verfied what I mentioned, but ... question ...
what mail.log were you looking at to get that info?    How is your moodle setup email wise.
Other OP's in this thread might be using SMTP relay only so no real logs to see!

Here's another that's a puzzler ... maybe you've seen these also ... I have more than one moodle server hosted on Googles Compute Engine ... every once in a while I see in postfix mail logs a message is rejected because of an IPv6 issue.

Thanks for sharing ... let's hope OP's are hosted where they can address the issue.

'SoS', Ken

Average of ratings: -
In reply to Ken Task

Re: No password reset links sending to Gmail accounts

by Ralph Ballier -
Picture of Particularly helpful Moodlers
Hi Ken,

I have rented a server under Linux and am an admin there. Being able to see the log files has helped me in many cases.

If you have problems with Gmail and can't view the files, you can at least call support and ask them about it. You can also enter "nslookup" -> "type=txt" -> in the Windows command prompt and then a string of the form "v=spf1 ip4:80.239.207.166 -all" should be output if an SPF entry exists.

Regarding your problem: Perhaps your mail server has two IP addresses and there is no reverse resolution for one of the two addresses.

You can find a good description at "https://www.maffert.net/postfix-googlemail-lehnt-e-mails-ab-ipv6/".

Ralph
Average of ratings: -
In reply to Ralph Ballier

Re: No password reset links sending to Gmail accounts

by Ken Task -
Picture of Particularly helpful Moodlers
Thanks for link on postfix.   Will check that out.

As far as nslookup that's from a workstation and not server (different network and different resolvers).    Best if OP has Linux and command line access to use
dig txt fullyqualifeddomainnameofmoodleserver
from the server itself, me thinks!

'SoS', Ken


Average of ratings: -