OracleDB‎ > ‎Error‎ > ‎

ORA-24247

Error:

ORA-24247: network access denied by access control list (ACL)?

Cause:

Oracle Database 11g comes with a new security functionality which implements Access Control Lists for UTL_TCP/HTTP/SMTP.

Solution:

An Access Control List with privileges to use the SMTP (in this case) package for the IP of the mail server specified for the specific user/schema that sends out mail should be created.

Create an ACL:
begin
dbms_network_acl_admin.create_acl (
acl => 'mail_acl.xml',
description => 'Mail ACL',
principal => 'CONNECT',
is_grant => TRUE,
privilege => 'connect',
start_date => null,
end_date => null
);
end;

Then grant the user/schema access to the ACL:
begin
dbms_network_acl_admin.add_privilege (
acl => 'mail_acl.xml',
principal => 'MYUSER',
is_grant => TRUE,
privilege => 'connect',
start_date => null,
end_date => null);
end;

Add the SMTP server to be used by the ACL
begin
dbms_network_acl_admin.assign_acl (
acl => 'mail_acl.xml',
host => 'smtp.mymailserver.tld',
lower_port => 1,
upper_port => 10000);
end;

Grant execute permission on the SMTP package to the user:
grant execute on utl_smtp to myuser;
Comments