Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH is never used #1195

Open
Darkdragon84 opened this issue Mar 18, 2024 · 0 comments
Open

OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH is never used #1195

Darkdragon84 opened this issue Mar 18, 2024 · 0 comments

Comments

@Darkdragon84
Copy link

Darkdragon84 commented Mar 18, 2024
edited

I want to use protonmail bridge as mailserver for sending emails from overleaf. Protonmail uses self-signed certificates, but overleaf seems to not take the relevant environment variable into account.

I have setup protonmail such that its SMTP is available through a docker network called protonmail-bridge on port 25. I have tested this and sent a test mail successfully both with telnet and a small node.js script that uses nodemailer from inside the running sharelatex container. That means nodemailer can see and use protonmail bridge from the sharelatex container.

The correct environment variables for overleaf to use protonmail are then (as per the wiki, replacing SHARELATEX with OVERLEAF)

OVERLEAF_EMAIL_SMTP_HOST: "protonmail-bridge"
OVERLEAF_EMAIL_SMTP_PORT: 25
 # https://nodemailer.com/smtp/#tls-options
# causes to use STARTTLS if available
OVERLEAF_EMAIL_SMTP_SECURE: "false"
# allows self-signed certificates
OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH: "false"
# allows using STARTTLS if available
OVERLEAF_EMAIL_SMTP_IGNORE_TLS: "false"

The crucial point is OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH: "false" to allow self-signed certificates, which protonmail requires. However, using this environment I still get a "self-signed certificate" error when trying to send a test mail from overleaf

[2024-03-18 15:23:44] DEBUG [NqNh8DzXZGA] Resolved protonmail-bridge as 172.24.0.2 [cache miss]
[2024-03-18 15:23:44] INFO  [NqNh8DzXZGA] Connection established to 172.24.0.2:25
[2024-03-18 15:23:44] ERROR [NqNh8DzXZGA] self-signed certificate
[2024-03-18 15:23:44] DEBUG [NqNh8DzXZGA] Closing connection to the server using "end"
[2024-03-18 15:23:44] ERROR Send Error: self-signed certificate
[2024-03-18 15:23:44] INFO  [NqNh8DzXZGA] Connection closed
[2024-03-18 15:23:44] INFO  [NqNh8DzXZGA] Connection closed

I think I have pinpointed the issue to this line, where parts of the fields of the emailParameters are extracted and used to create a nodemailer client. However, the tls field -- which is set according to OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH here -- is not extracted. This means that the created nodemailer client does not take the value of OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH into account and it is impossible to use self-signed certificates.

Steps to Reproduce

  1. supply protonmail bridge on a docker network and make it visible to the sharelatex container.
  2. start overleaf container with above environment variables
  3. trigger any action to send an email from overleaf, e.g. send a confirmation email when creating a new user

Expected Behaviour

The email is successfully sent

Observed Behaviour

Overleaf says Something went wrong. Please try again.
The mail log shows the following error: Send Error: self-signed certificate

Context

I am unable to use overleaf as I am required to use protonmail for secure communication with our users.
@Darkdragon84 Darkdragon84 mentioned this issue Mar 20, 2024
Open
1 task
@Darkdragon84 Darkdragon84 changed the title SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH is never used OVERLEAF_EMAIL_SMTP_TLS_REJECT_UNAUTH is never used Mar 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Darkdragon84