Allow SMTP driver use self-signed cert

Ghost_chu

When using a self-hosted mail server like Mailcow, you'll often encounter SMTP certificate issues. In most other applications, this is fairly easy to resolve by simply enabling the “Ignore SSL verification” switch.

However, Flarum lacks this functionality, and setting Encryption to empty does not resolve the issue. Additionally, you cannot modify this behavior via extend.php, as the SMTP Driver constructs its own transport and is not managed by global settings.

Even when using plaintext port 25 with no encryption settings specified, Flarum's SMTP driver will still construct a transport that utilizes STARTTLS/TLS when available, triggering certificate validation issues.

Currently, the only solution is to modify the SMTPDriver.php file and manually pass in the stream parameter. This is extremely cumbersome, and any changes made to this file will be lost after an upgrade.

<?php

/*
 * This file is part of Flarum.
 *
 * For detailed copyright and license information, please view the
 * LICENSE file that was distributed with this source code.
 */

namespace Flarum\Mail;

use Flarum\Settings\SettingsRepositoryInterface;
use Illuminate\Contracts\Validation\Factory;
use Illuminate\Support\MessageBag;
use Swift_SmtpTransport;
use Swift_Transport;

class SmtpDriver implements DriverInterface
{
    use ValidatesMailSettings;

    public function availableSettings(): array
    {
        return [
            'mail_host' => '', // a hostname, IPv4 address or IPv6 wrapped in []
            'mail_port' => '', // a number, defaults to 25
            'mail_encryption' => '', // "tls" or "ssl"
            'mail_username' => '',
            'mail_password' => '',
        ];
    }

    public function validate(SettingsRepositoryInterface $settings, Factory $validator): MessageBag
    {
        return $validator->make($settings->all(), [
            'mail_host' => ['required', $this->noWhitespace()],
            'mail_port' => ['nullable', 'integer', $this->noWhitespace()],
            'mail_encryption' => 'nullable|in:tls,ssl,TLS,SSL',
            'mail_username' => ['nullable', 'string', $this->noWhitespace()],
            'mail_password' => ['nullable', 'string', $this->noWhitespace()],
        ])->errors();
    }

    public function canSend(): bool
    {
        return true;
    }

    public function buildTransport(SettingsRepositoryInterface $settings): Swift_Transport
    {
        $transport = new Swift_SmtpTransport(
            $settings->get('mail_host'),
            $settings->get('mail_port'),
            $settings->get('mail_encryption') // <-- This actually DIDN'T WORK if you want disable encryption, it ALWAYS use STARTTLS or something like that when available (even encryption is null)! 
        );

        $transport->setUsername($settings->get('mail_username'));
        $transport->setPassword($settings->get('mail_password'));
        $transport->setStreamOptions([ // Hack start
            'ssl' => [
                'allow_self_signed' => true,
                'verify_peer' => false,
                'verify_peer_name' => false,
            ],
        ]); // Hack end

        return $transport;
    }
}

This proposal suggests that Flarum requires a mechanism to address such scenarios, which could be implemented either through a new toggle in the admin panel or by disabling SSL verification in config.php.

KBExit

Ghost_chu I don't use Mailcow, but I do selfhost emails for my hosting and have not had any issues with Lets Encrypt TLS Certificates and running it with Flarum. Have you considered doing this or are you hard pressed to continue with SSL?

clarkwinkelmann

The admin panel should definitely allow unencrypted SMTP. If the option in the existing dropdown doesn't work this might be a regression from a previous version.

As for skipping certificate verification, this should probably become either be a setting in the admin, or at the very least a flag that can be added to config.php. It's definitely not ideal to require a modification to the files. I'm not even sure an extension could change this without overriding the entire mail driver, which could lead to incompatibilities with other extensions.

Ghost_chu

clarkwinkelmann The admin panel should definitely allow unencrypted SMTP.

This option does exist, but it never actually works. This is because once the SMTP driver detects that the server actually supports encryption protocols such as STARTTLS or SSL, it will attempt to initiate encryption on port 25, only to fail due to certificate issues.

Ghost_chu

KBExit I tried to get Mailcow to use ACME to issue an SSL certificate (and it actually did), but for some reason, SSL wasn’t working very well (only built-in nginx used it but postfix or something else managing SMTP seems didn't use that). I spent a long time trying to figure out why, but unfortunately, I was ultimately unable to resolve the issue.
Since all SMTP operations are actually handled via the loopback interface, SSL isn’t necessary.

Mailcow's outgoing mail functionality works perfectly, and I've received a spam detect score of 10/10 good. I'm able to receive emails correctly, and all features are working as expected. The only issue is with STARTTLS/SSL, but most applications provide an option to disable it. However, Flarum requires me to modify a file to do so.

All I can do right now is create a patch file and mark it as read-only to prevent it from being accidentally overwritten. Then, I’ll have to redo everything every time there’s an update.

IanM

Ghost_chu thanks for the report!

I've validated this and opened an issue for this: flarum/framework4439

I hope to have a solution quite quickly here

IanM

Ghost_chu fixed in flarum/framework4445