Sysadmins of the North

Technical blog, where topics include: computer, server, web, sysadmin, MySQL, database, virtualization, optimization and security

Send email with Ghost using SMTP authentication and TLS encryption

Ghost Publishing platform uses Nodemailer to send e-mails with Node.js. It can send e-mail using SMTP, sendmail or Amazon SES and is unicode friendly.

As you know, more and more web hosting providers require SMTP authentication (often abbreviated as SMTP AUTH) and a TLS encrypted connection to send email. Here you’ll find some script examples to Send secure SMTP email from your website.

Can we do the same with Ghost and Node.js?

Yes we can! Nodemailer is a module for Node.js, perfect for sending out emails, with support included for Unicode, HTML, SMTP, XOAUTH, SSL and TLS. Nodemailer supports SMTP authentication and TLS encryption out-of-the-box, as we can find in the readme.md on Github. What do we need to configure?

There is one important configuration setting for Nodemailer:
secureConnection needs to be set to false, since the connection is started in insecure plain text mode and only later upgraded with STARTTLS. Given the configuration key name, you’d assume this would have to be set to true.

Configure Ghost to send authenticated SMTP over TLS

To configure Ghost to send authenticated SMTP over a TLS encrypted connnection, open up your config.js file. Edit or add the mail config:

production: {
  // [...]
  mail: {
    transport: 'SMTP',
    options: {
      port: 25, // or 587
      host: 'smtp.example.com',
      secureConnection: false,
      auth: {
        user: 'user@example.com',
        pass: 'password'
      }
    }
  },
  // [...]
},

That’s it. Be sure to use your production environment.

1 Comment

  1. Even that, Gmail says:
    encryption: zoho.com didn’t encrypt this message

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

shares