fix(mail): fix sending mail on OTP26

For TLS connections specifying cacerts & server_name_indication is now required Closes #1341 Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-08-17 11:39:10 +02:00 · 2023-08-17 11:39:10 +02:00 · f54fff56fc
parent 3de4d84329
commit f54fff56fc
2 changed files with 16 additions and 4 deletions
--- a/config/config.exs
+++ b/config/config.exs
@ -113,17 +113,22 @@ config :mobilizon, :media_proxy,
 config :mobilizon, Mobilizon.Web.Email.Mailer,
  adapter: Swoosh.Adapters.SMTP,
  relay: "localhost",
-  # usually 25, 465 or 587
-  port: 25,
  username: "",
  password: "",
  # can be `:always` or `:never`
  auth: :if_available,
  # can be `true`
-  ssl: false,
+  # ssl: false,
  # can be `:always` or `:never`
  tls: :if_available,
  allowed_tls_versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"],
+  tls_options: [
+    verify: :verify_peer,
+    versions: [:"tlsv1.2", :"tlsv1.3"],
+    cacerts: :public_key.cacerts_get(),
+    server_name_indication: "localhost",
+    depth: 99
+  ],
  retries: 1,
  # can be `true`
  no_mx_lookups: false
--- a/config/docker.exs
+++ b/config/docker.exs
@ -50,7 +50,14 @@ config :mobilizon, Mobilizon.Web.Email.Mailer,
  username: System.get_env("MOBILIZON_SMTP_USERNAME", nil),
  password: System.get_env("MOBILIZON_SMTP_PASSWORD", nil),
  tls: :if_available,
-  allowed_tls_versions: [:tlsv1, :"tlsv1.1", :"tlsv1.2"],
+  allowed_tls_versions: [:"tlsv1.2", :"tlsv1.3"],
+  tls_options: [
+    verify: :verify_peer,
+    versions: [:"tlsv1.2", :"tlsv1.3"],
+    cacerts: :public_key.cacerts_get(),
+    server_name_indication: System.get_env("MOBILIZON_SMTP_SERVER", "localhost"),
+    depth: 99
+  ],
  ssl: System.get_env("MOBILIZON_SMTP_SSL", "false"),
  retries: 1,
  no_mx_lookups: false,