From 304b010a560653e149b05a48c66b424e93d491ab Mon Sep 17 00:00:00 2001 From: michael Date: Wed, 10 Sep 2025 16:45:12 +0200 Subject: [PATCH 1/4] fix(smtp): add STARTTLS support for port 587 - Add STARTTLS handshake after EHLO for port 587 - Upgrade socket to SSL after STARTTLS command - Perform second EHLO over encrypted connection - Resolves authentication issues with Hetzner and other SMTP providers - Fixes 'Must issue a STARTTLS command first' error Closes #113 --- src/smtp.lua | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/src/smtp.lua b/src/smtp.lua index ab59d17..4c08b97 100644 --- a/src/smtp.lua +++ b/src/smtp.lua @@ -237,6 +237,33 @@ function SMTP:send_email(to_address, subject, message, from_name) return cleanup_and_fail("EHLO failed: " .. response) end + -- STARTTLS hinzufügen für Port 587 + if self.port == 587 and self.use_ssl then + -- STARTTLS command + local success, response = self:send_command(sock, "STARTTLS", 220) + if not success then + return cleanup_and_fail("STARTTLS failed: " .. response) + end + + -- Upgrade connection to SSL + local ssl_sock, err = self.ssl_compat:wrap_socket(sock, { + mode = "client", + protocol = "tlsv1_2" + }) + + if not ssl_sock then + return cleanup_and_fail("SSL upgrade failed: " .. err) + end + + sock = ssl_sock + + -- EHLO again over encrypted connection + local success, response = self:send_command(sock, "EHLO furt-lua", 250) + if not success then + return cleanup_and_fail("EHLO after STARTTLS failed: " .. response) + end + end + -- AUTH LOGIN local success, response = self:send_command(sock, "AUTH LOGIN", 334) if not success then From ec7086259ed300c913c417a01b8460093c35be9e Mon Sep 17 00:00:00 2001 From: michael Date: Wed, 10 Sep 2025 16:45:12 +0200 Subject: [PATCH 2/4] chore: merkwerk auto-update --- .version_history | 1 + 1 file changed, 1 insertion(+) diff --git a/.version_history b/.version_history index 4b8dce6..fb076e9 100644 --- a/.version_history +++ b/.version_history @@ -27,3 +27,4 @@ a670de0f,24bd94d,feature/systemd-hardening,2025-09-07T16:40:47Z,michael,git,lua- 4ee95dbc,08b49d3,security/sanitize-test-scripts,2025-09-07T19:25:38Z,michael,git,lua-api 59c85431,8b78066,main,2025-09-10T10:20:50Z,michael,git,lua-api a71dd794,f5d9f35,main,2025-09-10T12:27:54Z,michael,git,lua-api +de5318f2,304b010,main,2025-09-10T14:45:12Z,michael,git,lua-api From 7a921dc791dafd464c6f0dc2c3c4bff62f1ee448 Mon Sep 17 00:00:00 2001 From: michael Date: Wed, 10 Sep 2025 16:46:12 +0200 Subject: [PATCH 3/4] Release v0.1.3: Add STARTTLS support for port 587 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index d917d3e..b1e80bb 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.1.2 +0.1.3 From 4af068e15cfab44abca4c15042cdeb06303cee9c Mon Sep 17 00:00:00 2001 From: michael Date: Wed, 10 Sep 2025 16:46:12 +0200 Subject: [PATCH 4/4] chore: merkwerk auto-update --- .version_history | 1 + 1 file changed, 1 insertion(+) diff --git a/.version_history b/.version_history index fb076e9..20840a8 100644 --- a/.version_history +++ b/.version_history @@ -28,3 +28,4 @@ a670de0f,24bd94d,feature/systemd-hardening,2025-09-07T16:40:47Z,michael,git,lua- 59c85431,8b78066,main,2025-09-10T10:20:50Z,michael,git,lua-api a71dd794,f5d9f35,main,2025-09-10T12:27:54Z,michael,git,lua-api de5318f2,304b010,main,2025-09-10T14:45:12Z,michael,git,lua-api +980d67cd,7a921dc,main,2025-09-10T14:46:13Z,michael,git,lua-api