Added two new configuration options for SMTP: "starttls" and

"allowInsecure". smtp.starttls will enable or disable STARTTLS when "secure" is set to false (otherwise it does nothing). smtp.allowInsecure will allow self-signed certificates if set to true for both smtp.secure and smtp.starttls options.
2026-03-31 05:05:38 +00:00 · 2026-03-13 16:14:04 +01:00
parent f109db3536
commit 63effc3887
2 changed files with 24 additions and 19 deletions
--- a/src/util/config/types/subconfigurations/email/SMTP.ts
+++ b/src/util/config/types/subconfigurations/email/SMTP.ts
@@ -20,6 +20,8 @@ export class SMTPConfiguration {
    host: string | null = null;
    port: number | null = null;
    secure: boolean | null = null;
+    starttls: boolean = false;
+    allowInsecure: boolean = false;
    username: string | null = null;
    password: string | null = null;
 }
--- a/src/util/util/email/clients/SMTPEmailClient.ts
+++ b/src/util/util/email/clients/SMTPEmailClient.ts
@@ -34,7 +34,7 @@ export class SMTPEmailClient extends BaseEmailClient {
            return;
        }
        // get configuration
-        const { host, port, secure, username, password } = Config.get().email.smtp;
+        const { host, port, secure, starttls, allowInsecure, username, password } = Config.get().email.smtp;

        // ensure all required configuration values are set
        if (!host || !port || secure === null) return console.error("[Email] SMTP has not been configured correctly.");
@@ -45,24 +45,27 @@ export class SMTPEmailClient extends BaseEmailClient {
            );

        /* Allow for SMTP relays with and without username/passwords (IE: Smarthosts/Local Relays, etc) */
-        let nodemailer_opts: unknown;
-        if(!username || !password) {
-            nodemailer_opts = {
-                host,
-                port,
-                secure,
-            };
-        } else {
-            nodemailer_opts = {
-                host,
-                port,
-                secure,
-                auth: {
-                    user: username,
-                    pass: password,
-                },
-            };
-        }
+        const nodemailer_opts = {
+            host: host,
+            port: port,
+            secure: secure,
+            ...(starttls ? { requireTLS: true } : { ignoreTLS: true }),
+            ...(allowInsecure
+                ? {
+                      tls: {
+                          rejectUnauthorized: false,
+                      },
+                  }
+                : {}),
+            ...(username && password
+                ? {
+                      auth: {
+                          user: username,
+                          pass: password,
+                      },
+                  }
+                : {}),
+        };

        // construct the transporter
        // eslint-disable-next-line @typescript-eslint/ban-ts-comment