Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Trying to send signed email even though TLS is disabled

See original GitHub issue

Hello,

In my admin panel, I have disabled TLS for sending emails. However, when trying to recover a password for example, the client shows “Internal server error” and the logs show this:

wekan_1    | Exception while invoking method 'forgotPassword' Error: self signed certificate
wekan_1    |     at Object.Future.wait (/build/programs/server/node_modules/fibers/future.js:449:15)
wekan_1    |     at Mail._syncSendMail (packages/meteor.js:213:24)
wekan_1    |     at smtpSend (packages/email.js:110:13)
wekan_1    |     at Object.Email.send (packages/email.js:168:5)
wekan_1    |     at AccountsServer.Accounts.sendResetPasswordEmail (packages/accounts-password/password_server.js:614:9)
wekan_1    |     at [object Object].Meteor.methods.forgotPassword (packages/accounts-password/password_server.js:546:12)
wekan_1    |     at packages/check.js:130:16
wekan_1    |     at [object Object]._.extend.withValue (packages/meteor.js:1122:17)
wekan_1    |     at Object.exports.Match._failIfArgumentsAreNotAllChecked (packages/check.js:129:41)
wekan_1    |     at maybeAuditArgumentChecks (packages/ddp-server/livedata_server.js:1734:18)
wekan_1    |     at packages/ddp-server/livedata_server.js:719:19
wekan_1    |     at [object Object]._.extend.withValue (packages/meteor.js:1122:17)
wekan_1    |     at packages/ddp-server/livedata_server.js:717:40
wekan_1    |     at [object Object]._.extend.withValue (packages/meteor.js:1122:17)
wekan_1    |     at packages/ddp-server/livedata_server.js:715:46
wekan_1    |     at [object Object]._.extend.protocol_handlers.method (packages/ddp-server/livedata_server.js:689:23)
wekan_1    |     - - - - -
wekan_1    |     at Error (native)
wekan_1    |     at TLSSocket.<anonymous> (_tls_wrap.js:1063:38)
wekan_1    |     at emitNone (events.js:67:13)
wekan_1    |     at TLSSocket.emit (events.js:166:7)
wekan_1    |     at TLSSocket._init.ssl.onclienthello.ssl.oncertcb.TLSSocket._finishInit (_tls_wrap.js:621:8)
wekan_1    |     at TLSWrap.ssl.onclienthello.ssl.oncertcb.ssl.onnewsession.ssl.onhandshakedone (_tls_wrap.js:453:38)

Why is wekan trying to sign anything even though TLS is disabled? Is it a bug or am I missing something?

Instance is installed with docker-compose, image is the latest one at the time of writing (0.27), and my email server config has been confirmed working with a number of other services.

Thanks!

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Reactions:2
  • Comments:18 (8 by maintainers)

github_iconTop GitHub Comments

1reaction
mpartipilocommented, Jul 19, 2017

I FINALLY figured out the problem… It’s the docker-versatile-postfix that includes a self-signed certificate in its image. I bash’d into the container and commented these lines in /etc/postfix/main.cf and now email works:

# TLS parameters
#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

I will start looking for a replacement for that docker image. Perhaps go with https://github.com/catatnight/docker-postfix or https://github.com/tomav/docker-mailserver

0reactions
xet7commented, Apr 24, 2021
Read more comments on GitHub >

github_iconTop Results From Across the Web

Understanding email scenarios if TLS versions cannot be ...
If the receiving server does not support TLS 1.2, Exchange Online being opportunistic will try to send email without TLS.
Read more >
Require a secure connection for email - Google Support
TLS prevents unauthorized access of your email when it's. ... By default, Gmail always tries to use a secure TLS connection when sending...
Read more >
Disable Outlook SSL/TLS for PGP Email? | Endpoint Encryption
PGP Desktop 10.2 pops up a message when trying to send a encrypted email via Outlook 2010. Prompts to Disable SSL / TLSHow...
Read more >
can not send mail after update ver78 SOLVED: caused by TLS
min = 1 and set my security.tls.version.enable-deprecated = true and TB still does not function Inbound or Outgoing with my Earthlink ISP email...
Read more >
How to send encrypted email - Entrust
1. Send a signed email to a recipient. · 2. You will also need a copy of that person's public key. · 3....
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Manual installation fail

Next page

"Mail not sent; to enable sending, set the MAIL_URL environment variable." despite having set MAIL_URL