I need to send e-mail through my remote Postfix/Dovecot SASL service from Node.js on my desktop.
When I send email using Thunderbird, it works and the Postfix server logs show
Anonymous TLS connection established from unknown[dh.cp.ip.ip]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
But not through nodemailer, where the Postfix server logs:
Nov 26 22:02:31 servicelabel postfix/submission/smtpd[27019]: connect from unknown[dh.cp.ip.ip]
Nov 26 22:02:31 servicelabel postfix/submission/smtpd[27019]: lost connection after CONNECT from unknown[dh.cp.ip.ip]
Nov 26 22:02:31 servicelabel postfix/submission/smtpd[27019]: disconnect from unknown[dh.cp.ip.ip] commands=0/0
These same settings are used for Nodemailer transport and Thunderbird
let transporter = nodemailer.createTransport(
{
host: "mx.example.com",
port: 587,
secure: false, // use TLS
// requireTLS:true,
auth: {
user: "emailuser",
pass: "password"
},
tls: { rejectUnauthorized: false },
// logger: true,
debug: true
},
{
from: '[email protected]',
}
);
But Nodemailer won't connect to Dovecot with TLS the same way Thunderbird does ??
when I change secure to true
to force TLS a SSL routines:ssl3_get_record:wrong version number
error (below); it appears when verifying the transport.
transporter.verify(function(error, success) {
if (error) {
console.log(error);
} else {
console.log("Server is ready to take our messages");
return false;
}
});
Error: 140185182082944:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:
code:"ECONNECTION"
command:"CONN"
function:"ssl3_get_record"
library:"SSL routines"
message:"140185182082944:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:\n"
reason:"wrong version number"
stack:"Error: 140185182082944:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:\n"
When I test with this command:
openssl s_client -starttls smtp -connect mx.example.com:587
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = mx.example.com
verify return:1
---
Certificate chain
0 s:CN = mx. ...
...
...
... the SSL/STARTTLS handshake succeeds and certificates
But if I use this command:
openssl s_client -connect mx.example.com:587 -crlf -ign_eof
I get the same error as with Nodemailer
CONNECTED(00000005)
140508975112640:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:332:
I've tried a number of option configurations and am at a loss...
How do I send secure email through my Dovecot/Postfix server via Nodemailer? Do I need to configure some certs in Nodemailer? Should I use something different to send secure email from node.js? Any help appreciated.
In short, what you need to do to send messages, would be the following: Create a Nodemailer transporter using either SMTP or some other transport mechanism. Set up message options (who sends what to whom) Deliver the message object using the sendMail() method of your previously created transporter.
No known vulnerabilities in nodemailer Security wise, nodemailer seems to be a safe package to use. Over time, new vulnerabilities may be disclosed on nodemailer and other packages.
Nodemailer and SendGrid can be primarily classified as "Transactional Email" tools. Airbnb, Uber Technologies, and Spotify are some of the popular companies that use SendGrid, whereas Nodemailer is used by OVLMBP Inc, KOACHR, and Yooniks co.
Twilio SendGrid, Mailgun, Amazon SES, EmailJS, and Mailchimp are the most popular alternatives and competitors to Nodemailer.
My unit testing context in Mocha
does not have the ciphersuites of Node.js available.
The Nodemailer has no problem initiating TLS handshake from STARTLS when running in a Node.js context.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With