Sending notification emails via SMTP uses an invalid (encrypted) password on first attempt, then succeeds on second.

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Low
    • 12.0.0, 10.2.8, 11.0.5
    • Affects Version/s: 10.2.0, 11.0.0
    • Component/s: Notifications
    • None
    • 1
    • Severity 3 - Minor
    • 1

      Issue Summary

      Bamboo sends an encrypted SMTP password on the first attempt, causing authentication to fail; the second attempt uses the correct (decrypted) password and succeeds. If your SMTP server authenticates users via Active Directory (LDAP, Kerberos, or NTLM) or another identity provider, this may cause the repeated failed authentications to trigger an account lockout policy.

      Steps to Reproduce

      1. Setup Bamboo server outgoing email.
      2. Enabled SMTP debug logs.
      : ${JVM_SUPPORT_RECOMMENDED_ARGS:="-Dmail.debug=true -Dmail.debug.auth=true"}

      Expected Results

      To send correct password on first attempt.

      Actual Results

      The below exception is thrown in the catalina.out file:

      DEBUG: Jakarta Mail version 1.6.7
DEBUG: successfully loaded resource: /META-INF/javamail.default.providers
DEBUG: Tables of loaded providers
DEBUG: Providers Listed By Class Name: {com.sun.mail.smtp.SMTPTransport=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle], com.sun.mail.imap.IMAPSSLStore=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Oracle], com.sun.mail.pop3.POP3Store=javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Oracle], com.sun.mail.smtp.SMTPSSLTransport=javax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Oracle], com.sun.mail.imap.IMAPStore=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle], com.sun.mail.pop3.POP3SSLStore=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Oracle]}
DEBUG: Providers Listed By Protocol: {imap=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle], smtp=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle], pop3=javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Oracle], imaps=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Oracle], smtps=javax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Oracle], pop3s=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Oracle]}
DEBUG: successfully loaded resource: /META-INF/javamail.default.address.map
DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle]
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: trying to connect to host "sandbox.smtp.mailtrap.io", port 587, isSSL false
220 smtp.mailtrap.io ESMTP ready
DEBUG SMTP: connected to host "sandbox.smtp.mailtrap.io", port: 587
EHLO localhost
250-smtp.mailtrap.io
250-SIZE 5242880
250-PIPELINING
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-AUTH PLAIN LOGIN CRAM-MD5
250 STARTTLS
DEBUG SMTP: Found extension "SIZE", arg "5242880"
DEBUG SMTP: Found extension "PIPELINING", arg ""
DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
DEBUG SMTP: Found extension "8BITMIME", arg ""
DEBUG SMTP: Found extension "DSN", arg ""
DEBUG SMTP: Found extension "AUTH", arg "PLAIN LOGIN CRAM-MD5"
DEBUG SMTP: Found extension "STARTTLS", arg ""
DEBUG SMTP: protocolConnect login, host=sandbox.smtp.mailtrap.io, user=b7d3a9eac87165, password=<non-null>
DEBUG SMTP: Attempt to authenticate using mechanisms: LOGIN PLAIN DIGEST-MD5 NTLM XOAUTH2 
DEBUG SMTP: Using mechanism LOGIN
AUTH LOGIN
334 VXNlcm5hbWU6
YjdkM2E5ZWFjODcxNjU=
334 UGFzc3dvcmQ6 
<FAILED_PWD>
535 5.7.0 Invalid credentials
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: trying to connect to host "sandbox.smtp.mailtrap.io", port 587, isSSL false
220 smtp.mailtrap.io ESMTP ready
DEBUG SMTP: connected to host "sandbox.smtp.mailtrap.io", port: 587
EHLO localhost
250-smtp.mailtrap.io
250-SIZE 5242880
250-PIPELINING
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-AUTH PLAIN LOGIN CRAM-MD5
250 STARTTLS
DEBUG SMTP: Found extension "SIZE", arg "5242880"
DEBUG SMTP: Found extension "PIPELINING", arg ""
DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
DEBUG SMTP: Found extension "8BITMIME", arg ""
DEBUG SMTP: Found extension "DSN", arg ""
DEBUG SMTP: Found extension "AUTH", arg "PLAIN LOGIN CRAM-MD5"
DEBUG SMTP: Found extension "STARTTLS", arg ""
DEBUG SMTP: protocolConnect login, host=sandbox.smtp.mailtrap.io, user=b7d3a9eac87165, password=<non-null>
DEBUG SMTP: Attempt to authenticate using mechanisms: LOGIN PLAIN DIGEST-MD5 NTLM XOAUTH2 
DEBUG SMTP: Using mechanism LOGIN
AUTH LOGIN
334 VXNlcm5hbWU6
YjdkM2E5ZWFjODcxNjU=
334 UGFzc3dvcmQ6
<WORKING_PWD>
235 2.0.0 OK
DEBUG SMTP: use8bit false
MAIL FROM:<babmoo@example.com>
250 2.1.0 Ok
RCPT TO:<anikolikj@gmail.com>
250 2.1.0 Ok
DEBUG SMTP: Verified Addresses
DEBUG SMTP:   anikolikj@gmail.com
DATA
354 Go ahead
Date: Mon, 23 Jun 2025 23:49:43 +1000 (AEST)
From: Bamboo <babmoo@example.com>
To: anikolikj@gmail.com
Message-ID: <1851035632.0.1750686587102@localhost>
Subject: [Bamboo] Bamboo test email
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Auto-Submitted: auto-generated
Precedence: bulk

      If the account becomes locked out due to repeated auth failures, Bamboo will continually fail to send email notifications with the below exception:

      com.atlassian.mail.MailException: javax.mail.AuthenticationFailedException: 535 #5.7.0 Authentication failed

      Workaround

       Configure a JNDI connector. 

            Assignee:
            Tomasz Chojnacki (Inactive)
            Reporter:
            Alex
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: