Port 465: conflicting configs: implicit TLS + auto StartTLS
When using port 465 and the security setting TLS, my connection times out, whereas 587 & Auto works fine. The mail server is functioning, and port 465 implicit TLS is functioning, as confirmed via script:
```python
import smtplib

with smtplib.SMTP_SSL(host, port) as conn:
    # if enabled, fails with smtplib.SMTPNotSupportedError `STARTTLS extension not supported by server`,
    # because the server had no `starttls` clause in the EHLO response:
    # conn.starttls()
    conn.login(username, password)
    conn.sendmail(from_addr, to_addr, 'test')
```
I believe StartTLS is generally not permitted for implicit TLS (SMTPS), and will fail sends for some servers.
```ruby
  def build_smtp_configs_hash(email_configs)
    value = email_configs.value

    {
      user_name: value['username'],
      password: value['password'],
      address: value['host'],
      port: value['port'],
      domain: value['domain'],
      openssl_verify_mode: OpenSSL::SSL::VERIFY_NONE,
      authentication: value.fetch('authentication', 'plain'),
      # STARTTLS auto-negotiation is always requested, including when tls is true below
      enable_starttls_auto: true,
      open_timeout: OPEN_TIMEOUT,
      read_timeout: READ_TIMEOUT,
      ssl: value['security'] == 'ssl',
      # implicit TLS: explicit 'tls' setting, or no setting at all on port 465
      tls: value['security'] == 'tls' || (value['security'].blank? && value['port'].to_s == '465')
    }.compact_blank
  end
end # closes the enclosing definition, which is not shown in this excerpt
```
@nolanholden thanks for reporting this. I've tried to disable starttls_auto but it doesn't seem like starttls_auto conflicts with explicit tls config - enable_starttls_auto: false doesn't change anything for me when testing SMTP on 465 port. Timeout error usually happens when the port is under a firewall - maybe port 465 is locked on your docuseal app server (or your ISP)?
At least in my case, 465 is properly accepting traffic. As I mentioned in OP, that script (with full TLS) works fine for 465 for my mail host.
@nolanholden can you please try the latest app version - we've disabled starttls_auto if 'tls' option is selected. Unfortunately I was not able to confirm it works differently than starttls_auto: true and tls: true
thx so much. will test soon, within week.
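The change discussed in this thread (never requesting STARTTLS when implicit TLS is selected) can be written as a single mode decision. This is an added example, not DocuSeal's code; the method and constant names are hypothetical, only the option keys come from the snippet in the opening post, and it assumes a blank `security` value is the "Auto" setting.

```ruby
# Added example, not DocuSeal's code. Names are hypothetical; the option keys
# (:tls, :ssl, :enable_starttls_auto) are the ones used in the opening post.
IMPLICIT_TLS_PORT = '465'

# Map the stored 'security' value and port to exactly one transport mode.
# Assumption: a blank value means "Auto"; only the values seen in the thread are accepted.
def smtp_transport_mode(security, port)
  case security.to_s.strip.downcase
  when 'tls' then :implicit_tls
  when 'ssl' then :implicit_ssl
  when ''    then port.to_s == IMPLICIT_TLS_PORT ? :implicit_tls : :starttls_auto
  else raise ArgumentError, "unknown security setting: #{security.inspect}"
  end
end

# Build only the transport-related keys, so implicit TLS and STARTTLS
# are never requested in the same settings hash.
def smtp_transport_options(security, port)
  case smtp_transport_mode(security, port)
  when :implicit_tls  then { tls: true, enable_starttls_auto: false }
  when :implicit_ssl  then { ssl: true, enable_starttls_auto: false }
  when :starttls_auto then { enable_starttls_auto: true }
  end
end

# Audit an already-built settings hash: true when it asks for both modes at once.
def conflicting_transport?(settings)
  implicit = settings[:tls] || settings[:ssl]
  !!(implicit && settings[:enable_starttls_auto])
end

# Constructed sample: the transport keys the opening post's snippet yields for
# security 'tls' on port 465, after compact_blank drops the false :ssl entry.
REPORTED_SETTINGS = { enable_starttls_auto: true, tls: true }.freeze

if $PROGRAM_NAME == __FILE__
  puts "reported settings conflict: #{conflicting_transport?(REPORTED_SETTINGS)}"
  puts "tls/465:  #{smtp_transport_options('tls', 465)}"
  puts "auto/587: #{smtp_transport_options('', 587)}"
end
```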