What is the cause of this error: tls_post_process_client_hello:no shared cipher

Tested sending an email from the node nodemailer.sendMail code to the SMTP server, which is running on the same server as my back end API, and it initially looked good. Here is the output:

message ID of message sent: <[email protected]>

sendResult: {"accepted":["[email protected]"],"rejected":[],"envelopeTime":7,"messageTime":45,"messageSize":761,"response":"250 OK: message queued","envelope":{"from":"[email protected]","to":["[email protected]"]},"messageId":"<[email protected]>"}

But then when I checked my email, I received nothing, and then, after a significant period of time (half hour or more?), these error messages appeared in the log:

Error 00E80674957F0000:error:0A0000C1:SSL routines:tls_post_process_client_hello:no shared cipher:../deps/openssl/openssl/ssl/statem/statem_srvr.c:2240:

Error Socket closed unexpectedly

Error 00E80674957F0000:error:0A0000C1:SSL routines:tls_post_process_client_hello:no shared cipher:../deps/openssl/openssl/ssl/statem/statem_srvr.c:2240:

My ultimate goal: get rid of this error and send an email successfully from the back end SMTP server. But I will resolve this question when somebody can simply tell me what causes the error.

My question: What causes this error?

I can post my nodemailer send code, as well as the SMTP server spin-up code if anybody thinks it will help - I didn't want to clutter up the question if the error was related to something completely separate, such as my NGINX configuration.

Other Information: I'm running a node back end with NGINX, which handles the API calls, and it also starts up a node SMTP server. Didn't do anything special in NGINX for the SMTP server, because I assume the SMTP server is simply listening on port 465, so it would never 'hit' NGINX.

My Attempt to Fix Error: The pem cert and key are generated by certbot, and I recently 'expanded' the cert to include the domain, prefixed with 'smtp.' That was my first attempt at fixing this error, but it obviously didn't work.

How my smtp-server code uses the TLS Certbot certificates:

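    const fs = require("fs");
    const { SMTPServer } = require("smtp-server");
    require("colors"); // assumed: the colors package, which provides the .blue used below

    // TLS and SMTP options passed to smtp-server
    const environmentSpecificOptions = {
        secure: true, // implicit TLS: the handshake starts as soon as a client connects
        disabledCommands: ['AUTH'],
        key: fs.readFileSync("/etc/letsencrypt/live/api.mywebsite.org/privkey.pem"),
        cert: fs.readFileSync("/etc/letsencrypt/live/api.mywebsite.org/fullchain.pem"),
        name: process.env.SMTP_HOST,
        hideSize: false,
    };

    const startMailServer = () => {
        const options = environmentSpecificOptions;
        const mailServer = new SMTPServer(options);
        const listenPort = process.env.SMTP_PORT;

        console.log('\n' + "Listen port for smtp server will be: " + process.env.SMTP_PORT);

        // Register the error handler before listening so early errors are logged
        mailServer.on("error", err => {
            console.log('\n' + "Error %s", err.message);
        });

        // onConnect is a per-connection handler option, not an event subscriber;
        // the "listening" message belongs in the listen() callback
        mailServer.listen(listenPort, () => {
            console.log('\n' + `emailServer listening on port ${listenPort}`.blue);
        });
    };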

Possible Digital Ocean Policy Conflict? On a hunch, I searched DO's policy for SMTP and found that they (somehow) block SMTP traffic on port 25. The document is here: https://docs.digitalocean.com/support/why-is-smtp-blocked/ But I'm using port 465, so would they know to block traffic on that port as well, or globally somehow?

I believe this observation may be productive, because I tested the 'smtp.' prefix for my site with this tool: https://www.checktls.com/TestReceiver

And it said 'connection refused'

UPDATE: It appears that Digital Ocean policy is NOT the cause of the error:

Digital Ocean port / SMTP Policy

More Errors that may be helpful: I logged in recently, and noticed that more errors had occurred, possibly related to my TLS test and/or my telnet test. Here they are:

Error read ECONNRESET
Error 00E80674957F0000:error:0A0000C1:SSL routines:tls_post_process_client_hello:no shared cipher:../deps/openssl/openssl/ssl/statem/statem_srvr.c:2240:
Error 00E80674957F0000:error:0A0000C1:SSL routines:tls_post_process_client_hello:no shared cipher:../deps/openssl/openssl/ssl/statem/statem_srvr.c:2240:
Error 00E80674957F0000:error:0A0000C1:SSL routines:tls_post_process_client_hello:no shared cipher:../deps/openssl/openssl/ssl/statem/statem_srvr.c:2240:
Error 00E80674957F0000:error:0A0000C1:SSL routines:tls_post_process_client_hello:no shared cipher:../deps/openssl/openssl/ssl/statem/statem_srvr.c:2240:
Error 00E80674957F0000:error:0A00009C:SSL routines:ssl3_get_record:http request:../deps/openssl/openssl/ssl/record/ssl3_record.c:345:
Error Socket closed unexpectedly
Error 00E80674957F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:354:
There are 0 best solutions below
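The log lines in the question can be decoded field by field. The following is an added example, not part of the original question or of the smtp-server project: it parses the OpenSSL error-string format shown above, unpacks the library and reason numbers from the hex code (assuming the OpenSSL 3.x layout, which the `0A...` codes match), and groups the entries by reason. The names `parseOpenSSLError`, `triage` and `NOTES`, and the wording of the notes, are this example's own.

```javascript
// Log lines copied from the question above (OpenSSL 3.x error-string format).
const SAMPLE_LOG = [
  "Error read ECONNRESET",
  "Error 00E80674957F0000:error:0A0000C1:SSL routines:tls_post_process_client_hello:no shared cipher:../deps/openssl/openssl/ssl/statem/statem_srvr.c:2240:",
  "Error 00E80674957F0000:error:0A00009C:SSL routines:ssl3_get_record:http request:../deps/openssl/openssl/ssl/record/ssl3_record.c:345:",
  "Error Socket closed unexpectedly",
  "Error 00E80674957F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:354:",
];

// Triage notes keyed by SSL reason code (hypothetical helper table, example wording).
const NOTES = {
  193: "ClientHello offered no cipher suite the server could select for its protocol versions and certificate key type",
  156: "peer sent a plaintext HTTP request to the TLS port",
  267: "first bytes were not a TLS record (typically a plaintext client on an implicit-TLS port)",
};

// <thread>:error:<8-hex code>:<library>:<function>:<reason>:<file>:<line>:
const ERR_RE = /([0-9A-F]+):error:([0-9A-F]{8}):([^:]*):([^:]*):([^:]*):([^:]*):(\d+):/i;

function parseOpenSSLError(line) {
  const m = ERR_RE.exec(line);
  if (!m) return null; // not an OpenSSL error string (e.g. ECONNRESET)
  const code = parseInt(m[2], 16);
  return {
    thread: m[1], code: m[2],
    lib: (code >>> 23) & 0xff,  // OpenSSL 3.x: library number in bits 23..30
    reason: code & 0x7fffff,    // reason number in the low 23 bits
    libName: m[3], func: m[4], reasonText: m[5],
    file: m[6], line: Number(m[7]),
  };
}

function triage(lines) {
  const rows = new Map();
  let other = 0; // lines that are not SSL-library errors
  for (const l of lines) {
    const e = parseOpenSSLError(l);
    if (!e || e.lib !== 20) { other++; continue; } // 20 = ERR_LIB_SSL
    const row = rows.get(e.reason) ||
      { reason: e.reason, text: e.reasonText, func: e.func, count: 0, note: NOTES[e.reason] || "no note" };
    row.count++;
    rows.set(e.reason, row);
  }
  return { rows: [...rows.values()], other };
}

console.table(triage(SAMPLE_LOG).rows);
```

In this log all three reasons are reported by the accepting side about what the connecting peer sent, so a line by itself does not identify which client produced it.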