Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Minor phpMailer issue with 'SMTPAutoTLS' #986

Closed
xrobau opened this issue May 30, 2019 · 2 comments

Comments

Projects
None yet
2 participants
@xrobau
Copy link
Contributor

commented May 30, 2019

On Modern PHP versions, if you're creating a TLS connection the certificate needs to be valid, and will fail with an uninformative error if the certificate is incorrect

https://github.com/PHPMailer/PHPMailer/blob/master/src/PHPMailer.php#L282

This bit me because the cerificate on our SMTP host is valid, but for development we refer to it as 'intmail' (10.x.x.x) not 'mail' (203.x.x.x). The certificate is only valid for 'mail'.

Because of this, I've explicitly disabled TLS, but, because the server still offers STARTTLS, the AutoTLS flag means that phpMailer tries to convert it to TLS, the certificate errors, and the connection is dropped.

xrobau added a commit to xrobau/UserFrosting-1 that referenced this issue May 30, 2019

Resolves Issue userfrosting#986 - Turn off opportunistic TLS when dis…
…abled.

This ensures that when you have disabled 'secure' in your mail
config no TLS attempts are ... attempted.

This is because PHPMailer requires a valid Certificate, which
may not always be available.  See:
   https://github.com/PHPMailer/PHPMailer/blob/master/src/PHPMailer.php#L282

Signed-Off-By: Rob Thomas <xrobau@gmail.com>
@lcharette

This comment has been minimized.

Copy link
Member

commented May 30, 2019

Semi-related to #763 & #693.

I can't find the other issue, but there was this idea to have a setting to send all mail to some sort of log file in development. It would help all sort of issue with mail in development mode. For example, right now, we can't create users in development mode without email support. It also mean you can spam your user when testing something in development mode with a copy of the production db 😱.

EDIT : Interesting read :
https://laravel.com/docs/5.8/mail#mail-and-local-development

In any case, the TLS error can also happen in production, so it's still valid.

@xrobau

This comment has been minimized.

Copy link
Contributor Author

commented May 30, 2019

For example, right now, we can't create users in development mode without email support.

That was a good point - I've added an override to my docker 'example' sprinkle

xrobau/userfrosting-docker@0c8c165

lcharette added a commit that referenced this issue Jun 13, 2019

Resolves Issue #986 - Turn off opportunistic TLS when disabled. (#987)
This ensures that when you have disabled 'secure' in your mail config no TLS attempts are ... attempted.

@lcharette lcharette added this to the 4.2.x milestone Jun 13, 2019

@lcharette lcharette closed this Jun 13, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.