I'm having a behaviour with nodemailer when updated my nodejs version to 12.
Now, when I'm trying to send emails, I get:
DEBUG Creating transport: nodemailer (6.1.1; +/; SMTP/6.1.1[client:6.1.1])
DEBUG Sending mail using SMTP/6.1.1[client:6.1.1]
DEBUG [9mzLKQAwcwQ] Resolved mail.mycompany as xxx.xxx.xxx.xxx [cache miss]
INFO [9mzLKQAwcwQ] Connection established to xxx.xxx.xxx.xxx:587
DEBUG [9mzLKQAwcwQ] S: 220 mail.mycompany ESMTP
DEBUG [9mzLKQAwcwQ] C: EHLO [127.0.0.1]
DEBUG [9mzLKQAwcwQ] S: 250-mail.mycompany
DEBUG [9mzLKQAwcwQ] S: 250-STARTTLS
DEBUG [9mzLKQAwcwQ] S: 250-PIPELINING
DEBUG [9mzLKQAwcwQ] S: 250-8BITMIME
DEBUG [9mzLKQAwcwQ] S: 250-SIZE 23068672
DEBUG [9mzLKQAwcwQ] S: 250 AUTH LOGIN PLAIN CRAM-MD5
DEBUG [9mzLKQAwcwQ] C: STARTTLS
DEBUG [9mzLKQAwcwQ] S: 220 ready for tls
ERROR [9mzLKQAwcwQ] 139673645745984:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1922:
ERROR [9mzLKQAwcwQ]
DEBUG [9mzLKQAwcwQ] Closing connection to the server using "end"
ERROR Send Error: 139673645745984:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1922:
ERROR
[Error: 139673645745984:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1922:
] {
library: 'SSL routines',
function: 'ssl_choose_client_version',
reason: 'unsupported protocol',
code: 'ESOCKET',
command: 'CONN'
}
INFO [9mzLKQAwcwQ] Connection closed
INFO [9mzLKQAwcwQ] Connection closed
This is my SMTP transport config:
nodemailer.createTransport({
host: 'mail.mycompany',
port: 587,
debug: true,
logger: true,
tls: {
secure: false,
ignoreTLS: true,
rejectUnauthorized: false
},
auth: {
user: 'user',
pass: 'pass'
}
})
If I change to the latest's nodejs release of v11: 11.15.0, everything works again. Only this happens on v>12, 'cause I have tried with 12.1.0 & 12.2.0 and got the same error described above.
Someone experimenting same behaviour? Suggestions?
NOTE: I have nodemailer updated to the latest version 6.1.1 as I said on the Q'title.
I'm having a behaviour with nodemailer when updated my nodejs version to 12.
Now, when I'm trying to send emails, I get:
DEBUG Creating transport: nodemailer (6.1.1; +https://nodemailer.com/; SMTP/6.1.1[client:6.1.1])
DEBUG Sending mail using SMTP/6.1.1[client:6.1.1]
DEBUG [9mzLKQAwcwQ] Resolved mail.mycompany.com as xxx.xxx.xxx.xxx [cache miss]
INFO [9mzLKQAwcwQ] Connection established to xxx.xxx.xxx.xxx:587
DEBUG [9mzLKQAwcwQ] S: 220 mail.mycompany.com ESMTP
DEBUG [9mzLKQAwcwQ] C: EHLO [127.0.0.1]
DEBUG [9mzLKQAwcwQ] S: 250-mail.mycompany.com
DEBUG [9mzLKQAwcwQ] S: 250-STARTTLS
DEBUG [9mzLKQAwcwQ] S: 250-PIPELINING
DEBUG [9mzLKQAwcwQ] S: 250-8BITMIME
DEBUG [9mzLKQAwcwQ] S: 250-SIZE 23068672
DEBUG [9mzLKQAwcwQ] S: 250 AUTH LOGIN PLAIN CRAM-MD5
DEBUG [9mzLKQAwcwQ] C: STARTTLS
DEBUG [9mzLKQAwcwQ] S: 220 ready for tls
ERROR [9mzLKQAwcwQ] 139673645745984:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1922:
ERROR [9mzLKQAwcwQ]
DEBUG [9mzLKQAwcwQ] Closing connection to the server using "end"
ERROR Send Error: 139673645745984:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1922:
ERROR
[Error: 139673645745984:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1922:
] {
library: 'SSL routines',
function: 'ssl_choose_client_version',
reason: 'unsupported protocol',
code: 'ESOCKET',
command: 'CONN'
}
INFO [9mzLKQAwcwQ] Connection closed
INFO [9mzLKQAwcwQ] Connection closed
This is my SMTP transport config:
nodemailer.createTransport({
host: 'mail.mycompany.com',
port: 587,
debug: true,
logger: true,
tls: {
secure: false,
ignoreTLS: true,
rejectUnauthorized: false
},
auth: {
user: 'user',
pass: 'pass'
}
})
If I change to the latest's nodejs release of v11: 11.15.0, everything works again. Only this happens on v>12, 'cause I have tried with 12.1.0 & 12.2.0 and got the same error described above.
Someone experimenting same behaviour? Suggestions?
NOTE: I have nodemailer updated to the latest version 6.1.1 as I said on the Q'title.
- Experiencing the same behaviour while using a self signed certificate with a different package called Axios. Are you using a self-signed certificate? – salep Commented May 21, 2019 at 22:41
7 Answers
Reset to default 11If your mail server only supports TLS 1.0, just add:
tls: { secureProtocol: "TLSv1_method" }
UPDATE:
I finally found my fix - Pretty sure you are having the same issue. The reason this is failing as of Node 12 is because Node Version 12 has finally disabled TLS 1.0 support. Unfortunately our test mail server was ONLY supporting TLS 1.0 so there were NO valid handshake options which caused nodemailer to fail during the handshake.
This may ALSO be related to a change in version 11.4 where TLS.Min Version was modified to TLS Version 1.2 - see https://nodejs.org/api/tls.html#tls_tls_default_min_version
Anyway my fix consisted of getting my email server to STOP using TLS 1.0 and start using TLS 1.2 or TLS 1.3.
I added a bunch of registry keys on the Server and enforced TLS in the mail settings. My server was Windows 2008...
1.) Open "RegEdit" as "Administrator" (Run As Administrator)
2.) Navigate to the following Registry Key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\
3.) Add/update each of the following sub-Keys with the final DWORD values as Shown:
SSL 2.0\Client DisabledByDefault : 1
SSL 2.0\Server DisabledByDefault : 1
SSL 2.0\Server Enabled : 0
SSL 3.0\Client DisabledByDefault : 1
SSL 3.0\Server DisabledByDefault : 1
SSL 3.0\Server Enabled : 0
TLS 1.0\Server DisabledByDefault : 0
TLS 1.0\Server Enabled : 1
TLS 1.2\Client DisabledByDefault : 0
TLS 1.2\Server DisabledByDefault : 0
TLS 1.2\Server Enabled : 1
TLS 1.3\Client DisabledByDefault : 0
TLS 1.3\Server DisabledByDefault : 0
TLS 1.3\Server Enabled : 1
Should end up looking something like this: https://support.solarwinds.com/SuccessCenter/s/article/Enable-TLS-1-2-on-Windows-Server-2008
Additionally, The Next link adds client support for TLS greater than 1.0 on the Server (not needed to fix clients connecting to the server but might want to have it for outbound connections as well):
https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi
Finally, reboot your email server so TLS can be enabled and you can check that the registry settings have corrected the issue by checking for TLS connectivity - I used this link: https://www.checktls.com/TestReceiver
In my code I happened to update my transporter tls section to the following but I later tested with the original settings and everything was working fine - so the issue was 100% related to the email server settings not supporting anything other than TLS 1.0...
const transporter = nodemailer.createTransport({
host: 'email.ourhost.com',
port: 25,
secure: false,
auth: {
user: 'test',
pass: 'pass'
},
tls: {
rejectUnauthorized: false,
ignoreTLS: false,
requireTLS: true
}
});
Hopefully that helps you...
Having the same issue with npm version 6.9.0, node version 12.2.0, and nodemailer 6.1.1... Functional tests that happen to also use email ALL starting failing upon the upgrade to node 12.2.0. NOTE: these tests have been working fine up until the new version of Node...
This is the error we receive (extracted from mocha test results):
Uncaught AssertionError: expected Object {
library: 'SSL routines',
function: 'ssl_choose_client_version',
reason: 'unsupported protocol',
code: 'ESOCKET',
command: 'CONN'
} to be ''
and this is our Transport Config:
const transporter = nodemailer.createTransport({
host: 'email.ourhost.com',
port: 25,
secure: false,
auth: {
user: 'test',
pass: 'pass'
},
tls: {
rejectUnauthorized: false
}
});
Any helpful suggestions other than "downgrading" node as a solution would be appreciated!
var transporter = nodemailer.createTransport({
host: "your host address",
secure: false,
port: 25,
auth: {
user: "your username",
pass: "your password",
},
tls: {
rejectUnauthorized: false,
minVersion: 'TLSv1'
},
});
You can start node>=12 with the option --tls-min-v1.0.
It worked for me.
I couldn't change this using the command line argument --tls-min-v1. Another option is to set the minimum TLS version at run-time for all requests. This can be done by setting tls.DEFAULT_MIN_VERSION to something else like TLSv1. I just added this just after all of my require statements:
tls.DEFAULT_MIN_VERSION = 'TLSv1';
The node.js documentation has more information on the valid options for this parameter. https://nodejs.org/docs/latest/api/tls.html#tls_tls_default_min_version
Seems to be that problem is gone on nodemailer version 6.4.0 and above for the Node.js 12 on Firebase/Cloud Functions for Firebase environment.
That's the code:
const mailTransport = nodemailer.createTransport({
// Make sure the environmental variables have proper typings.
host: 'MYHOST',
port: PORT_NUMBER,
auth: {
user: '[email protected]',
pass: 'MY_PASSWORD',
},
});
...
exports.myFunction = functions.firestore
.document(
'mails/{somethingHere}'
)
.onCreate(async (snap: any, context: any) => {
if (snap.data() === null) return null;
...
return mailTransport
.sendMail(mailOptions)
.then((info: string) => {
console.log('Info: ', info);
})
.catch((error: string) => {
return console.log('Error: ', error); // This log will be shown in Firebase Functions logs.
});
...
Environment:
"firebase": "^8.1.1",
"firebase-admin": "^9.4.1",
"firebase-functions": "^3.11.0",
"nodemailer": "^6.4.11",
Note: I've used GMAIL for my SMTP settings.