fix(tls): Ensure servername for SMTP

nodemailer · Mar 20, 2024 · d66fdd3 · d66fdd3
1 parent 4ae5fad
commit d66fdd3
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/lib/smtp-connection/index.js b/lib/smtp-connection/index.js
@@ -58,6 +58,8 @@ class SMTPConnection extends EventEmitter {
         this.port = Number(this.options.port) || (this.secureConnection ? 465 : 587);
         this.host = this.options.host || 'localhost';
 
+        this.servername = this.options.servername ? this.options.servername : !net.isIP(this.host) ? this.host : false;
+
         this.allowInternalNetworkInterfaces = this.options.allowInternalNetworkInterfaces || false;
 
         if (typeof this.options.secure === 'undefined' && this.port === 465) {
@@ -296,6 +298,12 @@ class SMTPConnection extends EventEmitter {
                     opts[key] = this.options.tls[key];
                 });
             }
+
+            // ensure servername for SNI
+            if (this.servername && !opts.servername) {
+                opts.servername = this.servername;
+            }
+
             return shared.resolveHostname(opts, (err, resolved) => {
                 if (err) {
                     return setImmediate(() => this._onError(err, 'EDNS', false, 'CONN'));
@@ -904,6 +912,11 @@ class SMTPConnection extends EventEmitter {
             opts[key] = this.options.tls[key];
         });
 
+        // ensure servername for SNI
+        if (this.servername && !opts.servername) {
+            opts.servername = this.servername;
+        }
+
         this.upgrading = true;
         // tls.connect is not an asynchronous function however it may still throw errors and requires to be wrapped with try/catch
         try {