pentacent / keila

Open Source Newsletter Tool.

Home Page: https://keila.io


Add "connection security" options to System mailer

RichardHausgartner opened this issue · comments

I configured these environment variables:

 environment:
      MAILER_TYPE: smtp
      MAILER_SMTP_HOST: smtp.mymailserver.com
      MAILER_SMTP_USER: "user" 
      MAILER_SMTP_PASSWORD: "pass"  
      MAILER_SMTP_FROM_EMAIL: "noreply@mymailserver.com"
      MAILER_SMTP_PORT: 587

When creating a new user or resetting the password, these settings are used, as mentioned in the documentation.
But when triggering these events, this error occurs:

(Swoosh.DeliveryError) delivery error: {:send, {:network_failure}

The interesting thing is that I use the same mail server settings for sending the actual newsletter.
I configured the security option "STARTTLS" and it works great.

So, please add the security options to the System Mailer. Thanks!

Can you try adding MAILER_ENABLE_SSL=TRUE?

> Can you try adding MAILER_ENABLE_SSL=TRUE?

Thanks for the hint, this is my setup now:

 environment:
      MAILER_TYPE: smtp
      MAILER_SMTP_HOST: smtp.mymailserver.com
      MAILER_SMTP_USER: "user" 
      MAILER_SMTP_PASSWORD: "pass"  
      MAILER_SMTP_FROM_EMAIL: "noreply@mymailserver.com"
      MAILER_SMTP_PORT: 587
      MAILER_ENABLE_SSL: true

I receive this error message in logs:

** (exit) an exception was raised: ** (Swoosh.DeliveryError) delivery error: {:retries_exceeded, {:network_failure, '(here the ip of smtp.mymailserver.com)', {:error, {:tls_alert, {:unexpected_message, 'TLS client: In state hello at tls_record.erl:561 generated CLIENT ALERT: Fatal - Unexpected Message\n {unsupported_record_type,50}'}}}}}

(I use the latest source at 8426887)
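A diagnostic sketch for the error quoted above, added here as an example and not part of the original thread or of Keila: the byte in `{unsupported_record_type,50}` is ASCII `2`, which is what a TLS client sees when it sends a ClientHello to a port that answers with a plaintext SMTP `220` greeting and expects STARTTLS. The function names `explain_record_type` and `probe` are hypothetical; the environment variable names are the ones mentioned in this thread.

```python
import re
import socket

# TLS record content types (RFC 8446, section 5.1); any other first byte is not TLS.
TLS_RECORD_TYPES = {20: "change_cipher_spec", 21: "alert",
                    22: "handshake", 23: "application_data"}


def explain_record_type(erlang_error: str) -> str:
    """Interpret the byte reported in an Erlang `unsupported_record_type` alert."""
    m = re.search(r"unsupported_record_type,\s*(\d+)", erlang_error)
    if not m:
        return "no unsupported_record_type in message"
    byte = int(m.group(1))
    if byte in TLS_RECORD_TYPES:
        return f"valid TLS record type ({TLS_RECORD_TYPES[byte]})"
    if chr(byte) in "2345":  # first digit of an SMTP reply code such as "220"
        return f"ASCII {chr(byte)!r}: peer answered in plaintext SMTP, not TLS"
    return f"byte {byte} is neither TLS nor an SMTP reply code"


def probe(host: str, port: int, timeout: float = 3.0) -> str:
    """Connect without TLS and classify what the server sends first."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            first = s.recv(512)
        except socket.timeout:
            # Nothing arrived: the server is waiting for a ClientHello,
            # which is consistent with an implicit-TLS port.
            return "silent: try implicit TLS (MAILER_ENABLE_SSL)"
    if re.match(rb"220[ -]", first):
        return "plaintext greeting: use STARTTLS (MAILER_ENABLE_STARTTLS)"
    return "unexpected data: " + repr(first[:20])


if __name__ == "__main__":
    # Constructed sample: the alert text from the log line quoted in this thread.
    print(explain_record_type("{unsupported_record_type,50}"))
```

A "silent" result is only a hint: it shows the server did not speak first, not that a TLS handshake on that port will succeed.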

Have you tried using port 465 on your mail server?

> Have you tried using port 465 on your mail server?

This is the setup:

 environment:
      MAILER_TYPE: smtp
      MAILER_SMTP_HOST: smtp.mymailserver.com
      MAILER_SMTP_USER: "user" 
      MAILER_SMTP_PASSWORD: "pass"  
      MAILER_SMTP_FROM_EMAIL: "noreply@mymailserver.com"
      MAILER_SMTP_PORT: 465
      MAILER_ENABLE_SSL: true

This results in:

** (exit) an exception was raised:
** (Swoosh.DeliveryError) delivery error: {:retries_exceeded, {:network_failure, '(IP of here the ip of smtp.mymailserver.com)', {:error, :timeout}}}
        (keila 0.12.6) lib/keila/mailer.ex:2: Keila.Mailer.deliver!/2
         (keila 0.12.6) lib/keila/auth/auth.ex:630: Keila.Auth.send_password_reset_link/2

(But I'm sure that SSL/465 works, because I use it in email clients.)

Actually, looking at your error message more closely, it seems like you were not running the most recent version from main. (The two commits I just made don’t really change how system emails are sent, it’s just a refactoring of what was already there).

> Actually, looking at your error message more closely, it seems like you were not running the most recent version from main.

I used this commit for my issue:

commit 842688731e06f544b9c272d7f341aff8991543cd (HEAD -> main, origin/main, origin/HEAD)
Author: Philipp <(removed to avoid spamming)>
Date:   Mon Oct 30 13:26:16 2023 +0100

    Allow adding links to images in Markdown campaigns

M       CHANGELOG.md
M       lib/keila/templates/html.ex

I just tried the commit 201a3f3:

commit 201a3f3e72688f40ba770c56c4a67debf8623009 (HEAD -> main, origin/main, origin/HEAD)
Author: Philipp <(removed to avoid spamming)>
Date:   Thu Nov 2 22:19:58 2023 +0100

    Use Application.ensure_all_started for tls_certificate_check

But it is the same as in #246 (comment).

** (exit) an exception was raised:
    ** (Swoosh.DeliveryError) delivery error: {:retries_exceeded, {:network_failure, '(IP of here the ip of smtp.mymailserver.com)', {:error, :timeout}}}
        (keila 0.12.6) lib/keila/mailer.ex:2: Keila.Mailer.deliver!/2
        (keila 0.12.6) lib/keila/auth/auth.ex:630: Keila.Auth.send_password_reset_link/2
        (keila 0.12.6) lib/keila_web/controllers/auth_controller.ex:111: KeilaWeb.AuthController.post_reset/2
        (keila 0.12.6) lib/keila_web/controllers/auth_controller.ex:1: KeilaWeb.AuthController.action/2
        (keila 0.12.6) lib/keila_web/controllers/auth_controller.ex:1: KeilaWeb.AuthController.phoenix_controller_pipeline/2

Thank you for your fast response and your recent commits! 👏

So you’re running Keila from source, not from the Docker image? Is it possible that your OS is missing CA certificates?

If you’re running from source, could you share the output of Application.get_env(:keila, Keila.Mailer) from IEx? (start with iex -S mix).

Oh, and if you are using the Docker image, try the new one I’ve just published (0.12.7).

I'm on arm64 with Ubuntu 22.04.3 LTS.
So I use your docker-compose.yml file and do a docker compose build from the main GitHub tree.

Everything works fine with this setup, even the main functionality to send newsletters (through SMTP with "STARTTLS" over 587). 🤔

How can I support you with output from the docker container?

Aaah … that’s the issue maybe. The system Mailer doesn’t currently support STARTTLS. Does your server not have proper TLS/SSL?

Could you try this branch? https://github.com/pentacent/keila/tree/feature/system-mailer-starttls
And enable MAILER_ENABLE_STARTTLS. MAILER_ENABLE_SSL should not be set.

> And enable MAILER_ENABLE_STARTTLS. MAILER_ENABLE_SSL should not be set.

I use this branch:

commit 61fae4a80964360d365f2debea958490bd9dac30 (HEAD -> feature/system-mailer-starttls, origin/feature/system-mailer-starttls)
Author: Philipp <(removed to avoid spamming)>
Date:   Thu Nov 2 23:46:53 2023 +0100

    Add Starttls support for system mailer

M       config/runtime.exs

And this is my docker compose file:

 environment:
      MAILER_TYPE: smtp
      MAILER_SMTP_HOST: smtp.mymailserver.com
      MAILER_SMTP_USER: "user" 
      MAILER_SMTP_PASSWORD: "pass"  
      MAILER_SMTP_FROM_EMAIL: "noreply@mymailserver.com"
      MAILER_SMTP_PORT: 587
      MAILER_ENABLE_STARTTLS: true

(MAILER_ENABLE_SSL is not defined!)

With this setup, it works! 👏
(I tried "reset password" and "create new user")

--
I have to investigate separately why smtp.mymailserver.com does not accept SSL/465 in Keila 🤔.
But the reason for this issue is solved. Thank you very much! 🙏

Awesome! I’ll merge it into main and publish a new release then 😄