Feature Request: Support Bypassing TLS Certificate Verification

[wespday]

ReleaseMessage in the UI is not working with my SMTP server.

Trying mhsendmail from the command line returns this error:

error sending mail
2015/08/13 18:33:46 x509: certificate signed by unknown authority

There is a discussion of a similar issue here: https://groups.google.com/d/msg/golang-nuts/W95PXq99uns/Vaez9gyO-BkJ

[ian-kent]

Thanks @wespday, good idea :+1: I'll have a look when I get time, or PR's are welcome :smile:

[vincebowdrentribal]

If the smtp server has any certificates at all, but not for the name by which you're contacting it, then you get a different error message:

Failed to release message: x509: certificate is valid for VM-EXJK01-F1, test.example.com, VM-EXJK01-E1.example.net, not smtp.example.net

Again, it'd be nice for mailhog to have the option to just connect unencrypted if that's what the smtp server is expecting.

[jtammen]

@wespday @vincebowdren I know this is kind of old … but did you ever manage to work around this issue?

I am trying to forward from Mailhog to https://github.com/antespi/docker-imap-devel and I am also getting this error:

Failed to release message: x509: certificate is valid for xxxxx, not xyz

[vincebowdrentribal]

@jtammen No, for a number of reasons:

1. there didn't seem to be any easy solution available
2. I found that I could use MailDev for my test rig: https://danfarrelly.nyc/MailDev/.
3. the smtp relay that I was trying to forward on to (within the corporate network) was shut down.

So I ended up using MailDev to catch my AUT's outgoing mail, without bothering to try forwarding it on anywhere.

[jtammen]

@vincebowdren Thanks for your reply – I also ended up switching to MailDev.

[xoroz]

I get the same error mailhog | Failed to release message: x509: certificate has expired or is not yet valid

e-mail does not go thru: on SMTP server I see:

Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: mypc.my.local[10.255.0.201]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH" Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: SSL_accept:before/accept initialization Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: SSL_accept:unknown state Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: message repeated 6 times: [ SSL_accept:unknown state] Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: SSL3 alert read:fatal:bad certificate Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: SSL_accept:failed in error Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: SSL_accept error from mypc.my.local[10.255.0.201]: 0 Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: warning: TLS library problem: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:s3_pkt.c:1487:SSL alert number 42: Mar 6 12:27:13 postfixlist postfix/smtpd[15981]: lost connection after STARTTLS from

[Phlegethonyarre]

Same problem here, getting error with TLS + self-signed certificate. Failed to release message: x509: certificate signed by unknown authority It would be nice to have a future to disable TLS verification (skip-verify or smth. like this).

[welsh]

You can try building the docker image yourself and adding in the certificates as a work-around:

FROM mailhog/mailhog:v1.0.1

USER root
RUN apk update && apk add ca-certificates && rm -rf /var/cache/apk/*

COPY ./certs/my-cert.crt /usr/local/share/ca-certificates/
RUN update-ca-certificates

USER mailhog