Last Updated: September 09, 2019
·
21.94K
· zohebsait

Getting scan to email working with the Brother MFC7860DW

I recently got the Brother MFC7860 all-in-one, primarily because I wanted the ability to scan directly to email. However I can't imagine how someone who is not technically savvy could ever get this working.

For one, the scan to email feature is not enabled by default and requires you to download a firmware update from Brother's website to enable. Doesn't help that they call this feature 'i-Fax' instead of 'Scan to Email' as you would expect!

Once you have the firmware upgraded, you can configure the STMP sever by logging into the web-console on the printer. However, the firmware does not support SMTP over SSL, but does support SMTP authentication.

I use Verizon FIOS as my ISP. Most ISP's these day block outgoing connections to port 25 to fight spam, and either require you to use their SMTP server or connect to a mail server on another port besides 25 that's usually running over SSL.

Verizon required that you SSL to connect their STMP server, and this printer doesnt' support it, so that's out. So was Gmail's SMTP server. However I stumbled upon a unpublicized SMTP server (outgoing.verizon.net) that Verizon had that allowed plain text connections with MD5 authentication and had things working.

That is till today, when I noticed the scan to email function stopped working, and the printer gave a short 'Sending failed' message with no other details.

I had to figure out what was going on when the printer connected to the SMTP server, so I ran a tcp proxy using netcat and had the printer talk to the verizon SMTP via my proxy, so I could capture the conversation. Here's how I ran the proxy

nc -l -p 12345 < pipe | tee outgoing.log | nc outgoing.verizon.net 25 | tee pipe incoming.log

Looking at the logs, I could see that the STMP server was hanging up with some internal error after the client attempted to pass the MD5 hash of the password. More about CRAM-MD5 here

 220 vms173005pub.verizon.net -- Server ESMTP (Sun Java(tm) System Messaging Server 7u2-7.02 32bit (built Apr 16 2009))
ehlo z
250-vms173005pub.verizon.net
250-8BITMIME
250-PIPELINING
250-CHUNKING
250-DSN
250-ENHANCEDSTATUSCODES
250-HELP
250-XLOOP F927C8A28F98062CC04CA5B90AD7447C
250-AUTH DIGEST-MD5 PLAIN LOGIN CRAM-MD5
250-AUTH=LOGIN PLAIN
250-ETRN
250-NO-SOLICITING
250 SIZE 20971520
AUTH LOGIN CRAM-MD5 <hash>
415 Authentication Error.

So at this point, I know that something's broken with Verizon's SMTP server, as it was publicizing support for CRAM-MD5 but failing when attempting to use it even though I had the right password, and could isolate it to problem with their SMTP server configuration.

Since I needed a SMTP server that ran on port other than 25, but didn't require TLS, I ended up signing up for a free plan with SendGrid and using their STMP server as they run their servers on port 2525 besides 25. SendGrid requires you to have a domain and point email.domain.com's CNAME to sendgrid.net before they activate your account. Once my account my provisioned, the scan to email feature finally worked as expected!

I also found smtp-cli to be useful for debugging because it has a verbose mode that shows you the exact SMTP conversation when you attempt to send mail and helps you ensure you have all the access details correct.

~/bin $ ./smtp-cli-3.4 --verbose --host=smtp.sendgrid.net --port 2525 --enable-auth --user zoheb --from scanner@zoheb.com --to xxx@gmail.com --data test --disable-ssl
Enter password for zoheb@smtp.sendgrid.net :
    Connection from 192.168.1.9:61487 to 50.97.69.148:2525
    [220] 'mi5 ESMTP service ready'
    > EHLO localhost
    [250] '96.224.196.138'
    [250] '8BITMIME'
    [250] 'SIZE 20480000'
    [250] 'AUTH=PLAIN LOGIN'
    [250] 'AUTH PLAIN LOGIN'
    [250] 'STARTTLS'
    Starting TLS...
    > STARTTLS
    [220] 'Begin TLS negotiation now'
    Using cipher: DHE-RSA-AES256-SHA
    Subject Name: /OU=Domain Control Validated/CN=*.smtp.sendgrid.net
    Issuer  Name: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287
    > EHLO localhost
    [250] '96.224.196.138'
    [250] '8BITMIME'
    [250] 'SIZE 20480000'
    [250] 'AUTH=PLAIN LOGIN'
    [250] 'AUTH PLAIN LOGIN'
    AUTH method (PLAIN LOGIN): using LOGIN
    > AUTH LOGIN
    [334] 'xxxx'
    > xxxx
    [334] 'xxx
    > xxxx
    [235] 'Authentication successful.'
    Authentication of zoheb@smtp.sendgrid.net succeeded
    > MAIL FROM: <scanner@zoheb.com>
    [250] 'Sender address accepted'
    > RCPT TO: <xxxx@gmail.com>
    [250] 'Recipient address accepted'
    > DATA
    [354] 'Continue'
    [250] 'Delivery in progress'
    > QUIT
    [221] 'See you later'

3 Responses
Add your response

Did you figure out how to add e-mail addresses to the printer itself so you don't need to manually enter them when doing scan-to-email?

over 1 year ago ·

I'm unable to solve this problem. I have created an account on sendgrid now what to do ?

over 1 year ago ·

@zohebsait thanks. I think that Brother printers simply have a broken AUTH CRAM-MD5 because I coudn't get it to work with some other SMTP provider (mailjet).
Looking at the logs, th server would simply respond that the password was incorrect.
Originally I tried getting stunnel to work (first woth google, then other providers), but the server always disconnected as the stunnel log always showed the the SLL state got into an uniknown state.
I then used sendgrid, with plain authentication ((yes life sucks), and it works. (I didn't need to set email.mydomain.com to get it activated).

@djmarcin on my MFC8860DN I need to open the web management, select Fax Setting/Set Auto Dial/ One Touch Dial, and there you have it.

over 1 year ago ·