Thanks to visit codestin.com
Credit goes to github.com

Skip to content

EsmtpTransport does not honor tls false configuration #53545

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
rvicinus opened this issue Jan 15, 2024 · 2 comments
Closed

EsmtpTransport does not honor tls false configuration #53545

rvicinus opened this issue Jan 15, 2024 · 2 comments
Labels
Bug Mailer Status: Needs Review

Comments

@rvicinus
Copy link

Symfony version(s) affected

7.0

Description

The constructor of the EsmtpTransport offers the boolean parameter "tls", but even if configured to false, it switches to an encrypted connection if the server supports tls. This is an issue because if you try to connect to localhost, the certificate can not match and the connection fails with the exception: "SSL routines::certificate verify failed"

How to reproduce

Test on a system which accepts mail on localhost port 25, and that support STARTTLS:

<?php
use Symfony\Component\Mime\Email;
use Symfony\Component\Mailer\Mailer;
use Symfony\Component\Mailer\Transport\Smtp\EsmtpTransport;

require_once 'vendor/autoload.php';

$email = (new Email())
            ->from('[email protected]')
            ->to('[email protected]')
            ->subject('Test E-Mail')
            ->text('Test!');

$transport = new EsmtpTransport('localhost', 25, false);
$mailer = new Mailer($transport);
$mailer->send($email);

Possible Solution

In my opinion, the correct solution would be to either honor the tls parameter or not to verify the certificate, if the host is localhost.

Additional Context

No response
@rvicinus rvicinus added the Bug label Jan 15, 2024
@xabbuh xabbuh added the Mailer label Jan 15, 2024
@xabbuh
Copy link
Member

xabbuh commented Jan 16, 2024

You can access the underlying stream through getStream(). With this when an instance of SocketStream you should be able to disable the verification using the standard stream context options.

@xabbuh xabbuh mentioned this issue Jan 23, 2024
Closed
@nicolas-grekas
Copy link
Member

#53621 added an auto_tls option and a setAutoTls method that cover this use case.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Mailer Status: Needs Review
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@nicolas-grekas @xabbuh @carsonbot @rvicinus