Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[server] SMTP connection with STARTTLS does not work #5222

Closed
kc9jud opened this issue Jul 21, 2021 · 7 comments
Closed

[server] SMTP connection with STARTTLS does not work #5222

kc9jud opened this issue Jul 21, 2021 · 7 comments
Labels
backlog We'll get to it... eventually... bug It's a bug server Issues related to Joplin Server

Comments

@kc9jud
Copy link

kc9jud commented Jul 21, 2021
edited

Environment

Joplin version: Joplin Server v2.2.7-beta
Platform: Linux amd64
OS specifics: Ubuntu 18.04 + Docker

Steps to reproduce

  1. Set MAILER_SECURE=0 in environment configuration.
  2. Restart Docker container.
  3. EmailService maintenance fails.

Describe what you expected to happen

Setting secure=false for nodemailer should cause it to use STARTTLS rather than an SSL socket. However, setting MAILER_SECURE=0 does not seem to be respected:

joplin/packages/server/src/config.ts

Line 93 in f611d77

secure: !!Number(env.MAILER_SECURE) || true,

In addition, the default value of true on that line is inconsistent with the default port on the line above:

joplin/packages/server/src/config.ts

Line 92 in f611d77

port: Number(env.MAILER_PORT || 587),

(The submission port 587 normally uses STARTTLS, where as port 465 is standard for SMTPS a.k.a SMTP over SSL.)

Logfile

2021-07-21 20:01:49: [error] EmailService: Could not run maintenance: [Error: Could not initialize transporter. Service will be disabled: 140262647203648:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:
] {
  library: 'SSL routines',
  function: 'ssl3_get_record',
  reason: 'wrong version number',
  code: 'ESOCKET',
  command: 'CONN'
}
2021-07-21 20:01:49: EmailService: Maintenance completed in 130ms
@kc9jud kc9jud added the bug It's a bug label Jul 21, 2021
@kc9jud kc9jud changed the title SMTP connection with STARTTLS does not work [server] SMTP connection with STARTTLS does not work Jul 22, 2021
@stale
Copy link

stale bot commented Aug 22, 2021

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may comment on the issue and I will leave it open. Thank you for your contributions.

@stale stale bot added the stale An issue that hasn't been active for a while... label Aug 22, 2021
@kc9jud
Copy link
Author

kc9jud commented Aug 22, 2021

Yes, this is still an issue with 2.3.7-beta:

2021-08-22 18:25:26: [error] EmailService: Could not run maintenance: [Error: 139770672543680:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:
] {
  library: 'SSL routines',
  function: 'ssl3_get_record',
  reason: 'wrong version number',
  code: 'ESOCKET',
  command: 'CONN'
}

@stale stale bot removed the stale An issue that hasn't been active for a while... label Aug 22, 2021
kc9jud added a commit to kc9jud/joplin that referenced this issue Aug 22, 2021
@kc9jud
Server: Fix STARTTLS negotiation for EmailService
1bd9b0a 
This makes MAILER_SECURE accept either `none`, `smtps`, or `starttls`,
and passes the correct values to Nodemailer:

https://nodemailer.com/smtp/#tls-options

This also changes the default MAILER_PORT to 465, to be consistent
with the default MAILER_SECURE value of `smtps`.

Fixes laurent22#5222.
@kc9jud kc9jud mentioned this issue Aug 22, 2021
Closed
@stale
Copy link

stale bot commented Sep 21, 2021

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may comment on the issue and I will leave it open. Thank you for your contributions.

@stale stale bot added the stale An issue that hasn't been active for a while... label Sep 21, 2021
@kc9jud
Copy link
Author

kc9jud commented Sep 21, 2021

This is still waiting on #5369.

@stale stale bot removed the stale An issue that hasn't been active for a while... label Sep 21, 2021
jinnatar added a commit to jinnatar/joplin that referenced this issue Oct 30, 2021
@jinnatar
Set MAILER_SECURE default to false to align with nodemailer default
b588664 
Any value other an an explicit "1" is interpreted as false.

Fixes laurent22#5222

MAILER_SECURE enables a forced SSL mode (SMTPS) often seen on port 465.
The other common variant of port 587 & STARTSSL requires MAILER_SECURE
to be false. More importantly, as previously written there was no way
to set it to false, thus making STARTTLS impossible to use. With this
setup both options can be used as required in the installation
environment.
@jinnatar jinnatar mentioned this issue Oct 30, 2021
Closed
@laurent22 laurent22 added backlog We'll get to it... eventually... server Issues related to Joplin Server labels Oct 30, 2021
@jinnatar
Copy link

jinnatar commented Nov 3, 2021

b5d792c has solved the immediate issue of not being able to override the secure parameter. Will test if STARTSSL is feasible now.

@jinnatar jinnatar mentioned this issue Nov 3, 2021
Closed
@jinnatar
Copy link

jinnatar commented Nov 3, 2021

I am unable to confirm if email sending is now functional with STARTSSL since it seems to be completely broken: #5669

@jinnatar jinnatar mentioned this issue Nov 3, 2021
Closed
@jinnatar
Copy link

jinnatar commented Nov 3, 2021

I can confirm that STARTTLS is now functional when setting MAILER_SECURE=0 and per Exim4 logs it's not just an unsecured connection but encrypted as expected:

2021-11-03 14:21:33 1miH8v-0002cX-Jl <= joplinadmin+noreply@example.com H=docker1.example.com ([127.0.0.1]) [10.0.10.3] P=esmtps X=TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256 CV=no S=1370 id=0ed2de42-308d-3341-05ce-a1f2f9e0d5a9@example.com

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backlog We'll get to it... eventually... bug It's a bug server Issues related to Joplin Server
Projects
None yet
Milestone
No milestone
3 participants
@laurent22 @jinnatar @kc9jud