Node v12+ Requires TLS min v1

nodemailer / smtp-server

Create custom SMTP servers on the fly

Other

862 stars 146 forks source link

Node v12+ Requires TLS min v1 #136

Open niftylettuce opened 4 years ago

niftylettuce commented 4 years ago

We need to add the option minVersion: 'TLSv1' to https://github.com/nodemailer/smtp-server/blob/14c2435296bf42bff51c4ff0240ab3b7b20b0923/lib/tls-options.js#L64

niftylettuce commented 4 years ago

Ref: https://stackoverflow.com/a/56319636

andris9 commented 4 years ago

Could you test if it works and make a pull request for it?

niftylettuce commented 4 years ago

We also need to add secureOptions: crypto.constants.SSL_OP_NO_SSLv3

andris9 commented 4 years ago

minVersion and secureOptions can not be used at the same time. Using minVersion seems like more reasonable option (as it is simpler). What for would be the SSL_OP_NO_SSLv3 option anyway, seems kind of cryptic?

niftylettuce commented 4 years ago

@andris9 here's the config I used: <https://github.com/forwardemail/free-email-forwarding/blob/master/index.js#L144-L151

{
  // ...
  minVersion: 'TLSv1',
  ciphers: tls.getCiphers().map(cipher => cipher.toUpperCase()).join(':'),
  secureOptions: crypto.constants.SSL_OP_NO_SSLv3 | crypto.constants.SSL_OP_NO_SSLv2
}

niftylettuce commented 3 years ago

Ref: https://github.com/nodemailer/smtp-server/issues/136 Ref: https://github.com/nodemailer/smtp-server/issues/122 Ref: https://github.com/nodemailer/smtp-server/issues/156