[Feature] Add support for Implicit TLS while sending email #2048

Closed
EchedelleLR opened this issue Feb 15, 2023 · 11 comments · Fixed by #2049

@EchedelleLR

Currently Ergo doesn't support TLS-only connections for email sending.

It would be good if a note was added to the documentation to avoid confusion.

@EchedelleLR EchedelleLR changed the title [Miscelanea] Add note about STARTTLS support only [Miscellaneous] Add note about STARTTLS support only Feb 15, 2023
@slingamn slingamn added this to the v2.12.0 milestone Feb 16, 2023
@slingamn
Member

Sounds like we should just add code support for this: https://serverfault.com/questions/1064955/why-is-port-587-preferred-over-port-465-in-smtp

@slingamn
Member

Relevant RFC: https://datatracker.ietf.org/doc/html/rfc8314

The nomenclature here is "Implicit TLS".

@slingamn
Member

@EchedeyLR were you using the MTA/smarthost configuration option:

ergo/default.yaml

Lines 414 to 419 in 3c59ce9

# to use an MTA/smarthost instead of sending email directly:
# mta:
#     server: localhost
#     port: 25
#     username: "admin"
#     password: "hunter2"

or direct mail sending? In the first case it's easy to add an implicit-tls boolean flag that enables TLS from the first byte. In the second case, the current behavior is that we do the MX lookup and unconditionally dial port 25 and attempt STARTTLS, so supporting MTAs that only expose TLS on port 465 would require fallback logic.

@slingamn
Member

If I'm reading RFC8314 correctly, it only applies to the first case (a message submission agent), not the second.

@EchedelleLR
Author

I am using MTA in this case.

@EchedelleLR
Author

And correct, implicit TLS is what I would like to use, which is the preferred way.

slingamn added a commit that referenced this issue Feb 17, 2023
@slingamn
Member

Nice. Would you be able to test the patch in #2049? I backported it to a base of v2.11.1 so it won't make any irreversible changes to your database. You could build it from source with:

git fetch origin
git checkout origin/implicittls_backport # git hash 71871ca1ef01d
make build # builds `ergo` binary

@EchedelleLR
Author

Let me see. I don't have GoLang installed on that machine, nor at user level, and would not want to mess up the clean environment with it and have to clean up later.

I will see if I can build it on another machine and port it to the one executing it.

@slingamn
Member

Oh right, sorry, you can also get it here: https://irc.ergo.chat/.files/ergo_71871ca1ef01d6c5

@EchedelleLR
Author

Thank you.

Give me a few hours and I will test it.

@EchedelleLR
Author

EchedelleLR commented Feb 18, 2023

It works: : info : accounts : nickname prueba registered account prueba, pending verification

:3

Edited:

I also confirm that I received the message through email properly.

@EchedelleLR EchedelleLR changed the title [Miscellaneous] Add note about STARTTLS support only [Feature] Add support for Implicit TLS while sending email Feb 18, 2023