Cannot send email - problem with port 465

I would like to change the SMTP provider, but it doesn’t seem to work although I’m certain that the server can send emails.

I have this in app.yml:

  DISCOURSE_SMTP_ADDRESS: <<SMTP SERVER>>
  DISCOURSE_SMTP_PORT: 465
  DISCOURSE_SMTP_USER_NAME: <<USER>>
  DISCOURSE_SMTP_PASSWORD: <<PASSWORD>>

Using telnet <<SMTP SERVER>> 465 connects OK, but when I try to send emails, Discourse returns with:

ERROR - Net::ReadTimeout with #<Socket:(closed)> 

Anybody has any pointers to what I need to set?

I checked out the server based on this topic: Troubleshoot email on a new Discourse install

It appears to connect to the server and send a test email correctly if I do that manually:

> sudo ./launcher enter app
root@support-app:/var/www/discourse# openssl s_client -connect mail.xxxxxxxx.com:465
  :
  :
  massive amount of junk
  :
  :
220 xxxxxxx.com Anti-spam GT for Coremail System (mispb-6da2110f-64b0-4d67-acf1-2d302bd594f9-xxxxxxx.com[20220915])
EHLO mail.xxxxxxxxx.com
250-mail
250-PIPELINING
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-coremail 1Uxr2xKj7kG0xkI17xGrUDI0s8FY2U3Uj8Cz28x1UUUUU7Ic2I0Y2UrpDiNKUCa0xDrUUUUj
250-STARTTLS
250-SMTPUTF8
250 8BITMIME
AUTH PLAIN xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
235 Authentication successful
mail from: <xxx@xxxxxx.com>
250 Mail OK
rcpt to: <xxxx@xxxxxxx.com>
250 Mail OK
data
354 End data with <CR><LF>.<CR><LF>
content

.
250 Mail OK queued as AQAAfwBXr9nSGHdj3hEgAA--.7073S2

How long does it take for the output to appear?

Quite immediately after I send a command.

EDIT: Is there a way to get more detailed logging to discover which step is causing the error?

It’s likely that the outgoing port is being blocked by your hosting provider. If you’re using some service like mailgun (or most any other) then port 2525 should work. If it’s a mail server you run, then you can have it listen to another port (like 2525).

Or (probably hardest) you can open a ticket with whoever hosts your server and ask them to open the port.

Well, considering I can ./launcher enter app and then openssl connect to the mail server, login via SMTP and successfully sent an email from within the discourse container, I doubt that it is the port that doesn’t work…

1 Like

I traced the code and it seems that EHLO wasn’t even reached. The SMTP server is connected but the SSL handshake seems to be missing, so the server quits and Discourse didn’t get any response, thus the error.

So, I suspected that port 465 support seems to have a bug (it defaults to SSL, but I don’t think Discourse recognizes that) so probably the SSL connection is never established.

Switching to port 25 seems to at least get rid of the error, although I am not receiving any sent email yet…

EDIT: I can confirm that port 25 works properly (as should 587 but unfortunately my smtp server doesn’t expose 587).

I didn’t get any emails before was due to the fact that the Discourse server IP address was temporarily blacklisted by the smtp server because of too many failed attempts.

1 Like

I think you’re right.

And it turns out you’re not the first… when searching for DISCOURSE_SMTP_PORT 465 I found a whole pile of similar issues.

The last one contains a link to the (possible?) solution.

With this patch, it's possible to set
DISCOURSE_SMTP_FORCE_TLS=true to use implicit TLS on port 465
2 Likes

I’ve also seen quite a few ‘465 problem’ topics too. My email debugging for anything but the obvious is not great though so I have been quoting the troubleshooting guide:

Is there something we can add to that to help people?

2 Likes

Well, if @schungx is able to confirm that DISCOURSE_SMTP_FORCE_TLS=true is indeed a solution, we can add that.

2 Likes

I’ll try right away!

EDIT: @RGJ I can confirm that DISCOURSE_SMTP_FORCE_TLS: true in app.yml successful solves the problem! :champagne:

I suggest a bold warning saying If you use port 465, set DISCOURSE_SMTP_FORCE_TLS: true, or shouldn’t Discourse be smart enough to detect this?

2 Likes