Home > Software engineering >  IBM Cloud Foundry firewall blocking SMTP connection (nodemailer)
IBM Cloud Foundry firewall blocking SMTP connection (nodemailer)

Time:08-15

My project uses Nodemailer to send service emails from the server. The code runs fine on my local environment, but when deployed to Cloud Foundry, it times out on the email sending connection.

Using SSH into the app container, curl google.com works, but curl --ssl smtp://smtp.email.uk-london-1.oci.oraclecloud.com doesn't work and times out.

Where and how could I configure this network access?

/sendEmail.ts

export async function sendEmail(toEmail): Promise<<SMTPTransport.SentMessageInfo> {
    const transporter = nodemailer.createTransport({
        host: ENDPOINTS.smtp.endpoint,
        port: ENDPOINTS.smtp.port,
        secure: false,
        requireTLS: true,
        auth: {
            user: ENDPOINTS.smtp.credentials.id,
            pass: ENDPOINTS.smtp.credentials.pass
        }
    });


    return 
          await transporter.sendMail({
              from: ...,
              to: toEmail,
              subject: ...
              text: ...,
              html: ...
          })
}

const ENDPOINTS = {
   smtp: {
        endpoint: 'smtp.email.uk-london-1.oci.oraclecloud.com',
        port: 25,
        from: '[email protected]',
        credentials: {
            id: ...,
            pass: ...
        }
    }
}

CodePudding user response:

The reason for not being able to use port 25 is because most of the cloud providers block access to it.

The reason for this is 25 is unauthenticated and often times abused by the SPAMers. Most the the email providers maintain Email Reputation System for known SPAM originating IP Addresses. So if you are a cloud providers you won't want to be the one that everyone blacklists.

TCP port 587 is used for authenticated SMTP access so its very less useful for SPAMers need to send spoofed mails.

Most the cloud providers will still allow you to send emails over 25 if you have a higher/enterprise subscription with them.

Useful Links:

CodePudding user response:

Try port 587 instead of port 25. Typically, port 25 is used by SMTP for unencrypted transfer, port 587 for SSL/TLS-based encrpyted transfer. Often, the port 25 is blocked because of frequent misuse.

For my projects, I usually don't even bother using port 25, but directly try 587.

  • Related