prometheus
If I customize the SSL/TLS port, how should Alertmanager support?
Summary
The current email notification implementation has hardcoded logic that only enables direct TLS connections for port 465. This creates a limitation when using TLS on other ports, causing create SMTP client: EOF errors when the server expects TLS connections on non-465 ports.
Description
In notify/email/email.go:133, there's hardcoded logic that only uses tls.Dial() for port 465, while all other ports use plain TCP connections. This causes issues when SMTP servers require TLS connections on ports other than 465.
However, some SMTP servers may be configured to require TLS connections on non-standard ports but don't support STARTTLS, leading to EOF errors.
Hi, thanks for looking into this issue! Allowing tls over non-standard ports seems like a very reasonable feature.
I think the best way to do this would be a new field in EmailConfig (https://github.com/prometheus/alertmanager/blob/main/config/notifiers.go#L300-L317) that "forces" TLS. This way, we can keep the existing behavior where we assume a TLS connection is required if the port is 465 while allowing users to configure TLS for other ports.
What do you think of that plan? Would you be interested in contributing this change?
Hi, thanks for looking into this issue! Allowing tls over non-standard ports seems like a very reasonable feature.
I think the best way to do this would be a new field in
EmailConfig(https://github.com/prometheus/alertmanager/blob/main/config/notifiers.go#L300-L317) that "forces" TLS. This way, we can keep the existing behavior where we assume a TLS connection is required if the port is465while allowing users to configure TLS for other ports.What do you think of that plan? Would you be interested in contributing this change?
Sounds good!