Support Insecure and Non-Authenticated SMTP Servers on Localhost

Open fritz-fritz opened this issue 1 year ago • 7 comments

I'm not sure if I am doing something wrong, but I can't seem to successfully use the Sendmail Transport for NodeMailer. I was under the impression that the configuration file format is the same as Ghost and so attempted to manually replicate the same settings.

As I have sendmail successfully configured on the VPS where Ghosler and Ghost will be running, I do not require SMTP and instead just the Sendmail transport.

My Ghost config.production.json mail snippet is here:

  "mail": {
    "transport": "Sendmail",
    "from": "Sender <[email protected]>"
  }

And so my Ghosler equivalent was similarly thus:

"mail":[{"reply_to":"'Support' <[email protected]>","from":"'Newsletter' <[email protected]>","transport":"Sendmail","batch_size":10,"delay_per_batch":1250}]

Unfortunately though, the analytics tab shows that it was stuck "Sending" and had not gone out. I do not see anything in the logs either in Debug or in Error.

Additionally, such a change to the config.production.json causes the "Settings" tab to return a 500 code so I suspect the backend does not parse the config correctly or handle the transport definition.

fritz-fritz avatar May 29 '24 08:05 fritz-fritz

Hey @fritz-fritz 👋, the config file for Ghosler is not the same as Ghost as it supports adding multiple email addresses for splitting the newsletter sending load / limit.

You should be able to go to Ghosler > Settings > Scroll down to Email Settings > Add all the required info. > Save.

ItzNotABug avatar May 29 '24 08:05 ItzNotABug

Yes, I understand that much, though the goal is NOT to use a hardcoded SMTP server and instead rely on NodeMailer's Sendmail transport directly. Ghosler does use NodeMailer, correct?

fritz-fritz avatar May 29 '24 08:05 fritz-fritz

Ghosler indeed uses Nodemailer for sending the newsletter but via SMTP credentials.

Afaik the sendmail flag is similar to mail() in PHP, this might send the emails but high chance they land up in the SPAM folder. Using proper credentials from SMTP can avoid that to a good extent. Better if you use services that provide emails for exactly these purposes.

ItzNotABug avatar May 29 '24 09:05 ItzNotABug

I do appreciate how responsive and helpful you are!

Okay, well, I have confirmed I can talk to my sendmail server via telnet localhost 25 and so I'm attempting to configure Ghosler to use localhost 25. The sendmail server does NOT require authentication and does NOT support TLS. I have attempted to configure the config as such:

"mail":[{"reply_to":"'Support' <[email protected]>","from":"'Newsletter' <[email protected]>","host":"localhost","port":"25","batch_size":10,"delay_per_batch":1250,"auth":{"user":null,"pass":null},"secure":false}]

Unfortunately, it doesn't actually send.

Ghosler Error Log:

[2024-05-29 09:34:57 UTC] => [ERROR] => Newsletter: Error: 00A841FA37700000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:354:
[2024-05-29 09:34:57 UTC] => [ERROR] => Newsletter: Error: 00A841FA37700000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:354:

Mail Log:

2024-05-29T09:34:57.420232+00:00 ghost sm-mta[36438]: 44T9YvbS036438: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4
2024-05-29T09:34:57.434182+00:00 ghost sm-mta[36439]: 44T9Yvwn036439: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4

I'm not sure what is causing the SSL error as theoretically I have disabled secure transport on the mail setting. But my theory here is that Ghosler initiates the connection to the MTA but with SSL/TLS and so doesn't handle the response properly hence the MTA not getting the MAIL command.

fritz-fritz avatar May 29 '24 09:05 fritz-fritz

Oh and I am using a local sendmail instance to relay to my sender so that I can apply custom milters to the outgoing messages such as MIME signing.

fritz-fritz avatar May 29 '24 09:05 fritz-fritz

ahhhhh you hardcoded it to use secure transport https://github.com/ItzNotABug/ghosler/blob/244575e44287af50af273bd5362cdc9cd7ac93fb/utils/mail/mailer.js#L192

fritz-fritz avatar May 29 '24 09:05 fritz-fritz

I understand this is nearly a year old, however, I would like to add that it is not limited to sendmail.

[2025-01-13 06:28:52 UTC] => [ERROR] => Newsletter: Error: 0008277C4D7F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:355:
[2025-01-13 06:28:52 UTC] => [ERROR] => Newsletter: Error: 0008277C4D7F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:355:

FroztIkon avatar Jan 13 '25 06:01 FroztIkon