search

ergochat / ergo

A modern IRC server (daemon/ircd) written in Go.
https://ergo.chat/
MIT License
2.23k stars 178 forks source link

[Feature] Add support for Implicit TLS while sending email #2048

Closed EchedelleLR closed 1 year ago

EchedelleLR commented 1 year ago

Currently Ergo doesn't support TLS-only connections for email sending.

It would be good if a note was added to the documentation to avoid confusion.

slingamn commented 1 year ago

Sounds like we should just add code support for this: https://serverfault.com/questions/1064955/why-is-port-587-preferred-over-port-465-in-smtp

slingamn commented 1 year ago

Relevant RFC: https://datatracker.ietf.org/doc/html/rfc8314

The nomenclature here is "Implicit TLS".

slingamn commented 1 year ago

@EchedeyLR were you using the MTA/smarthost configuration option:

https://github.com/ergochat/ergo/blob/3c59ce964d90d345b8f7f163dcb4b850dff7d1ec/default.yaml#L414-L419

or direct mail sending? In the first case it's easy to add an implicit-tls boolean flag that enables TLS from the first byte. In the second case, the current behavior is that we do the MX lookup and unconditionally dial port 25 and attempt STARTTLS, so supporting MTAs that only expose TLS on port 465 would require fallback logic.

slingamn commented 1 year ago

If I'm reading RFC8314 correctly, it only applies to the first case (a message submission agent), not the second.

EchedelleLR commented 1 year ago

I am using MTA in this case.

EchedelleLR commented 1 year ago

And correct, implicit TLS is what I would like to use, which is the preferred way.

slingamn commented 1 year ago

Nice. Would you be able to test the patch in #2049? I backported it to a base of v2.11.1 so it won't make any irreversible changes to your database. You could build it from source with:

git fetch origin
git checkout origin/implicittls_backport # git hash 71871ca1ef01d
make build # builds `ergo` binary
EchedelleLR commented 1 year ago

Let me see. I don't have GoLang installed on that machine nor at user level and would not want to mess the clean environment with it and having to clean later.

I will see if I can build it in another machine and port it to the one executing it.

slingamn commented 1 year ago

Oh right, sorry, you can also get it here: https://irc.ergo.chat/.files/ergo_71871ca1ef01d6c5

EchedelleLR commented 1 year ago

Thank you.

Give me a few hours and I will test it.

EchedelleLR commented 1 year ago

It works: : info : accounts : nickname prueba registered account prueba, pending verification

:3

Edited:

I also confirm that I received the message through email properly.