OraFAQ Forum: SQL & PL/SQL » ORA-24247 with valid ACL when sending smtp mail

Home » SQL & PL/SQL » SQL & PL/SQL » ORA-24247 with valid ACL when sending smtp mail (Oracle Database 11.2.0.3)

Show: Today's Messages :: Polls :: Message Navigator
E-mail to friend

ORA-24247 with valid ACL when sending smtp mail [message #562386]

Wed, 01 August 2012 03:26

NanteJena
Messages: 11
Registered: November 2007
Location: Jena

Junior Member

I have users with the same privileges to the same ACL and some can send emails and some others cannot !

In principle I created the ACL for USER1:

BEGIN
dbms_network_acl_admin.create_acl
(acl => 'mails_senden.xml',
description => 'Mails senden ueber INTRANET Mail-Server ...',
principal => 'USER1',
is_grant => true,
privilege => 'connect');
COMMIT;
END;
/
BEGIN
dbms_network_acl_admin.assign_acl
(acl => 'mails_senden.xml',
host => 'xx.xx.x.xx',
lower_port => null,
upper_port => null);
COMMIT;
END;
/
BEGIN
dbms_network_acl_admin.add_privilege
(acl => 'mails_senden.xml',
principal => 'USER1',
is_grant => true,
privilege => 'resolve');
COMMIT;
END;
/

Then I added USER2:
BEGIN
dbms_network_acl_admin.add_privilege
(acl => 'mails_senden.xml',
principal => 'USER2',
is_grant => true,
privilege => 'connect');
COMMIT;
END;
/
BEGIN
dbms_network_acl_admin.add_privilege
(acl => 'mails_senden.xml',
principal => 'USER2',
is_grant => true,
privilege => 'resolve');
COMMIT;
END;
/

USER1 sent a mail via UTL_SMTP successful whereas USER2 got the errors:
DECLARE
*
ERROR at line 1:
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.UTL_TCP", line 17
ORA-06512: at "SYS.UTL_TCP", line 267
ORA-06512: at "SYS.UTL_SMTP", line 161
ORA-06512: at "SYS.UTL_SMTP", line 197
ORA-06512: at line 34

What the matter ?

There is still the following fact:
USER1 has the role DBA, USER2 got the EXECUTE privilege to packages UTL_TCP, UTL_SMTP (GRANT from SYS).
IF the role DBA was granted to USER2 too then he couldt send emails just as well as USER1.

Is this a problem with privileges, with wich?

Report message to a moderator

Re: ORA-24247 with valid ACL when sending smtp mail [message #562391 is a reply to message #562386]

Wed, 01 August 2012 03:57

Michel Cadot
Messages: 68776
Registered: March 2007
Location: Saint-Maur, France, https...

Senior Member
Account Moderator

So your last question was not the last one. Grin

Use SQL*Plus and copy and paste your session, the WHOLE session.

Before, Please read OraFAQ Forum Guide and How to use [code] tags and make your code easier to read.
Make sure that lines of code do not exceed 80 characters when you format.
Indent the code, use code tags and align the columns in result.
Use the "Preview Message" button to verify.
Also always post your Oracle version, with 4 decimals.

Regards
Michel

Report message to a moderator

Re: ORA-24247 with valid ACL when sending smtp mail [message #562401 is a reply to message #562386]

Wed, 01 August 2012 05:17

John Watson
Messages: 9000
Registered: January 2010
Location: Global Village

Senior Member

You must specify a port range (probably you want 25 to 25) when you create your ACL.

Report message to a moderator

Re: ORA-24247 with valid ACL when sending smtp mail [message #562406 is a reply to message #562401]

Wed, 01 August 2012 06:30

gazzag
Messages: 1119
Registered: November 2010
Location: Bedwas, UK

Senior Member

John,

How would that explain one user being able to send and one not?

Report message to a moderator

Re: ORA-24247 with valid ACL when sending smtp mail [message #562407 is a reply to message #562406]

Wed, 01 August 2012 06:38

John Watson
Messages: 9000
Registered: January 2010
Location: Global Village

Senior Member

Trust me. I'm a DBA.

Report message to a moderator

Re: ORA-24247 with valid ACL when sending smtp mail [message #562410 is a reply to message #562406]

Wed, 01 August 2012 07:04

Michel Cadot
Messages: 68776
Registered: March 2007
Location: Saint-Maur, France, https...

Senior Member
Account Moderator

gazzag wrote on Wed, 01 August 2012 13:30

John,

How would that explain one user being able to send and one not?

And who knows if what OP said is what he actually did?

Regards
Michel

Report message to a moderator

Re: ORA-24247 with valid ACL when sending smtp mail [message #562558 is a reply to message #562410]

Thu, 02 August 2012 04:21

NanteJena
Messages: 11
Registered: November 2007
Location: Jena

Junior Member

Hi,

the problem is solved, details see My Oracle Support Community, PL/SQL, same title.

It had nothing to do with ports (NULL is default, all ports of the host included!).
The cause was, that I specified in ACL the IP address and in PL/SQL mail/package the hostname was coded
(no chance to see this in Oracle documentation)!
Besides users with role DBA can access the network without ACL too and so the given ACL doesn't work at all!

Report message to a moderator

Re: ORA-24247 with valid ACL when sending smtp mail [message #562559 is a reply to message #562558]

Thu, 02 August 2012 04:32

Michel Cadot
Messages: 68776
Registered: March 2007
Location: Saint-Maur, France, https...

Senior Member
Account Moderator

Quote:

the problem is solved, details see My Oracle Support Community, PL/SQL, same title.

Thanks for the feedback but what about posting a link?

Regards
Michel

Report message to a moderator

Previous Topic:	order by alphanumeric
Next Topic:	Strange cost: summary lower than ingredients

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Fri Apr 03 19:39:33 CDT 2026