starred/lldap-lldap
1
0
Fork 0
mirror of https://github.com/lldap/lldap.git synced 2026-04-25 16:25:55 +03:00
Code Issues 101 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #611] SMTP configuration with environment variables is inconsistent #223

New issue
Closed
opened 2026-02-27 08:15:58 +03:00 by kerem · 2 comments
kerem commented 2026-02-27 08:15:58 +03:00
Owner
Copy link

Originally created by @kosssi on GitHub (Jun 22, 2023).
Original GitHub issue: https://github.com/lldap/lldap/issues/611

Thanks for LLDAP, I just test it with Docker Compose and when I configure my SMTP I read this documentation :

https://github.com/lldap/lldap/blob/main/lldap_config.docker_template.toml#L115-L117

## Options to configure SMTP parameters, to send password reset emails.
## To set these options from environment variables, use the following format
## (example with "password"): LLDAP_SMTP_OPTIONS__PASSWORD
...
## How the connection is encrypted, either "NONE" (no encryption), "TLS" or "STARTTLS".
#smtp_encryption = "TLS"
...
## Same for reply-to, optional.
#reply_to="Do not reply <noreply@localhost>"

So I configure this variable :

LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET={{ LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET }}
LLDAP_SMTP_OPTIONS__SERVER={{ LLDAP_SMTP_OPTIONS__SERVER }}
LLDAP_SMTP_OPTIONS__PORT={{ LLDAP_SMTP_OPTIONS__PORT }}
LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION={{ LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION }}
LLDAP_SMTP_OPTIONS__USER={{ LLDAP_SMTP_OPTIONS__USER }}
LLDAP_SMTP_OPTIONS__PASSWORD={{ LLDAP_SMTP_OPTIONS__PASSWORD }}
LLDAP_SMTP_OPTIONS__FROM={{ LLDAP_SMTP_OPTIONS__FROM }}
LLDAP_SMTP_OPTIONS__REPLY_TO={{ LLDAP_SMTP_OPTIONS__REPLY_TO }}

But I don't understand my configuration is not valide :

🚧 [warn]: Error sending email: lettre::transport::smtp::Error {
  kind: Connection,
  source: lettre::transport::smtp::Error {
    kind: Connection,
    source: Custom {
      kind: InvalidData,
      error: CorruptMessage,
    },
  },
}

When I show this code https://github.com/lldap/lldap/blob/main/server/src/infra/cli.rs :

/// Email address to send an email to.
#[clap(long, env = "LLDAP_TEST_EMAIL_TO")]
...
#[clap(long, env = "LLDAP_SMTP_OPTIONS__TO")]
...
#[clap(long, env = "LLDAP_SMTP_OPTIONS__ENCRYPTION", value_parser = EnumValueParser::<SmtpEncryption>::new(), ignore_case = true)]

I'm bit confused it's LLDAP_SMTP_OPTIONS__REPLY_TO or LLDAP_SMTP_OPTIONS__TO or LLDAP_TEST_EMAIL_TO and LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION or LLDAP_SMTP_OPTIONS__ENCRYPTION ?

Finally I change LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION from TLS to STARTTLS and it's ok 🤙

Originally created by @kosssi on GitHub (Jun 22, 2023). Original GitHub issue: https://github.com/lldap/lldap/issues/611 Thanks for LLDAP, I just test it with Docker Compose and when I configure my SMTP I read this documentation : https://github.com/lldap/lldap/blob/main/lldap_config.docker_template.toml#L115-L117 ``` ## Options to configure SMTP parameters, to send password reset emails. ## To set these options from environment variables, use the following format ## (example with "password"): LLDAP_SMTP_OPTIONS__PASSWORD ... ## How the connection is encrypted, either "NONE" (no encryption), "TLS" or "STARTTLS". #smtp_encryption = "TLS" ... ## Same for reply-to, optional. #reply_to="Do not reply <noreply@localhost>" ``` So I configure this variable : ``` LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET={{ LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET }} LLDAP_SMTP_OPTIONS__SERVER={{ LLDAP_SMTP_OPTIONS__SERVER }} LLDAP_SMTP_OPTIONS__PORT={{ LLDAP_SMTP_OPTIONS__PORT }} LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION={{ LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION }} LLDAP_SMTP_OPTIONS__USER={{ LLDAP_SMTP_OPTIONS__USER }} LLDAP_SMTP_OPTIONS__PASSWORD={{ LLDAP_SMTP_OPTIONS__PASSWORD }} LLDAP_SMTP_OPTIONS__FROM={{ LLDAP_SMTP_OPTIONS__FROM }} LLDAP_SMTP_OPTIONS__REPLY_TO={{ LLDAP_SMTP_OPTIONS__REPLY_TO }} ``` But I don't understand my configuration is not valide : ``` 🚧 [warn]: Error sending email: lettre::transport::smtp::Error { kind: Connection, source: lettre::transport::smtp::Error { kind: Connection, source: Custom { kind: InvalidData, error: CorruptMessage, }, }, } ``` When I show this code https://github.com/lldap/lldap/blob/main/server/src/infra/cli.rs : ``` /// Email address to send an email to. #[clap(long, env = "LLDAP_TEST_EMAIL_TO")] ... #[clap(long, env = "LLDAP_SMTP_OPTIONS__TO")] ... #[clap(long, env = "LLDAP_SMTP_OPTIONS__ENCRYPTION", value_parser = EnumValueParser::<SmtpEncryption>::new(), ignore_case = true)] ``` I'm bit confused it's `LLDAP_SMTP_OPTIONS__REPLY_TO` or `LLDAP_SMTP_OPTIONS__TO` or `LLDAP_TEST_EMAIL_TO` and `LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION` or `LLDAP_SMTP_OPTIONS__ENCRYPTION` ? Finally I change LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION from TLS to STARTTLS and it's ok 🤙
kerem 2026-02-27 08:15:58 +03:00
kerem commented 2026-02-27 08:15:59 +03:00
Author
Owner
Copy link

@nitnelave commented on GitHub (Jun 22, 2023):

Oh, it seems we documented a wrong environment variable for smtp_encryption. I'll keep this ticket open to fix that.

We might also want to wrap the lettre error, check if it's a corrupt message and advise to change from TLS to STARTTLS or vice-versa.

<!-- gh-comment-id:1602751694 --> @nitnelave commented on GitHub (Jun 22, 2023): Oh, it seems we documented a wrong environment variable for smtp_encryption. I'll keep this ticket open to fix that. We might also want to wrap the lettre error, check if it's a corrupt message and advise to change from TLS to STARTTLS or vice-versa.
kerem commented 2026-02-27 08:15:59 +03:00
Author
Owner
Copy link

@nomandera commented on GitHub (Aug 3, 2023):

I am seeing multiple people with auth issues today and it seems to trace back to this STARTTLS update being a breaking change resulting in complete loss of LDAP.

It is not clear what the correct fix is as there are two conflicting error messages:

2023-08-03T08:21:27.147287205Z > Starting lldap..
2023-08-03T08:21:27.147313708Z
2023-08-03T08:21:27.156735406Z error: invalid value 'STARTTLS' for '--smtp-encryption <SMTP_ENCRYPTION>'
2023-08-03T08:21:27.156784906Z   [possible values: none, tls, start-tls]
2023-08-03T08:21:27.156793908Z
2023-08-03T08:21:27.156800087Z For more information, try '--help'.

and

2023-08-03T08:19:29.137652236Z > Starting lldap..
2023-08-03T08:19:29.137753763Z
2023-08-03T08:19:29.215470457Z Loading configuration from /data/lldap_config.toml
2023-08-03T08:19:29.215519846Z Error: unknown variant: found `start-tls`, expected `one of `NONE`, `TLS`, `STARTTLS`` for key "SMTP_OPTIONS.SMTP_ENCRYPTION" in `LLDAP_` environment variable(s)

Update: Seems to be known and fix in PR https://github.com/lldap/lldap/pull/632

<!-- gh-comment-id:1663521959 --> @nomandera commented on GitHub (Aug 3, 2023): I am seeing multiple people with auth issues today and it seems to trace back to this STARTTLS update being a breaking change resulting in complete loss of LDAP. It is not clear what the correct fix is as there are two conflicting error messages: ``` 2023-08-03T08:21:27.147287205Z > Starting lldap.. 2023-08-03T08:21:27.147313708Z 2023-08-03T08:21:27.156735406Z error: invalid value 'STARTTLS' for '--smtp-encryption <SMTP_ENCRYPTION>' 2023-08-03T08:21:27.156784906Z [possible values: none, tls, start-tls] 2023-08-03T08:21:27.156793908Z 2023-08-03T08:21:27.156800087Z For more information, try '--help'. ``` and ``` 2023-08-03T08:19:29.137652236Z > Starting lldap.. 2023-08-03T08:19:29.137753763Z 2023-08-03T08:19:29.215470457Z Loading configuration from /data/lldap_config.toml 2023-08-03T08:19:29.215519846Z Error: unknown variant: found `start-tls`, expected `one of `NONE`, `TLS`, `STARTTLS`` for key "SMTP_OPTIONS.SMTP_ENCRYPTION" in `LLDAP_` environment variable(s) ``` Update: Seems to be known and fix in PR https://github.com/lldap/lldap/pull/632
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dependabot/github_actions/codecov/codecov-action-6
copilot/fix-equality-filters-list-attributes
dependabot/github_actions/docker/build-push-action-7
dependabot/github_actions/docker/metadata-action-6
dependabot/github_actions/docker/setup-buildx-action-4
dependabot/github_actions/docker/login-action-4
copilot/update-download-artifact-action
copilot/fix-opensuse-warnings
copilot/fix-1268
copilot/fix-727
copilot/fix-898
copilot/fix-1256
copilot/fix-1251
copilot/fix-1249
copilot/fix-1206
user-attribute-form
user-ui
group-ui
server-user-attribute-schema
crates
haveibeenpwned
v0.6.2
v0.6.1
v0.6.0
v0.5.0
v0.4.3
v0.4.2
v0.4.1
v0.4.0
v0.3.0
v0.2.0
v0.0.1
Labels
Clear labels   
backend

   
blocked

   
bug

   
cleanup

   
dependencies

   
docker

   
documentation

   
duplicate

   
enhancement

   
enhancement

   
frontend

   
github_actions

   
good first issue

   
help wanted

   
help wanted

   
integration

   
invalid

   
ldap

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
rust

   
rust

   
tests

   
wontfix
No labels
backend
blocked
bug
cleanup
dependencies
docker
documentation
duplicate
enhancement
enhancement
frontend
github_actions
good first issue
help wanted
help wanted
integration
invalid
ldap
pull-request
question
rust
rust
tests
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/lldap-lldap#223
No description provided.