github-starred/ntfy
2
0
Fork 0
mirror of https://github.com/binwiederhier/ntfy.git synced 2026-05-15 07:35:49 -06:00
Code Issues 367 Projects Packages Wiki Activity Actions

[GH-ISSUE #410] Add option to make TLS mandatory for sending e-mail notification #314

New issue
Open
opened 2026-05-05 03:59:41 -06:00 by gitea-mirror · 1 comment
gitea-mirror commented 2026-05-05 03:59:41 -06:00
Owner
Copy link

Originally created by @cmeis on GitHub (Sep 22, 2022).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/410

The subject says it all.
I'd like to able to restrict outgoing mails to be sent only over TLS encrypted SMTP connections, by setting a option in the server.yml.

Originally created by @cmeis on GitHub (Sep 22, 2022). Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/410 The subject says it all. I'd like to able to restrict outgoing mails to be sent only over TLS encrypted SMTP connections, by setting a option in the server.yml.
gitea-mirror added the
enhancement
server
 labels 2026-05-05 03:59:41 -06:00
gitea-mirror commented 2026-05-05 03:59:43 -06:00
Author
Owner
Copy link

@ntninja commented on GitHub (Nov 20, 2025):

And related to this, please also add options:

  • To disable StartTLS entirely
  • To specify a custom SNI / expected hostname for TLS validation

If someone wants to implement this:

  1. Copy the code of the SendMail function from https://go.dev/src/net/smtp/smtp.go
  2. Replace the call to that same SendMail function in b531bc95ea/server/smtp_sender.go (L56) with the copied code
  3. Alter the logic for when StartTLS is attempted / not attempted and which hostname is passed into the tls.Config

This is log-hanging fruit, but someone needs to do it!

<!-- gh-comment-id:3559982699 --> @ntninja commented on GitHub (Nov 20, 2025): And related to this, please also add options: * To disable StartTLS entirely * To specify a custom SNI / expected hostname for TLS validation If someone wants to implement this: 1. Copy the code of the `SendMail` function from https://go.dev/src/net/smtp/smtp.go 2. Replace the call to that same `SendMail` function in https://github.com/binwiederhier/ntfy/blob/b531bc95ea9faedf68c5b3987f2744df0960384d/server/smtp_sender.go#L56 with the copied code 3. Alter the logic for when StartTLS is attempted / not attempted and which hostname is passed into the `tls.Config` This is log-hanging fruit, but someone needs to do it!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
email-verification
attachment-no-http2
attachment-fixes
attachment-s3
config-generator
postgres-replica
dockers-v2
postgres-support
postgres-webpush+user+message
postgres-webpush+user
postgres-webpush
1364-copy-action
crashfix
user-header
scalar-api-docs
cancel-scheduled
update-available
windows-server
303-update-notifications
postgres
admin-ui
require-login
http-clipboard
message-cache-lock
debian-stripe
predefined-users
busy-timeout
template-dir
ipv6
client-ip-header
apns-fix
feat_optional_require_login
security-updates
pg-message-cache
templating-disallow
templating-3
templating-2
message-size-limit+delay-limit
remove-rate-topics
html-emails
cf-priority
acl-underscores
auth-user-header
markdown
img-attach
web-improvements
utf8-headers
matrix-507-reject
http-response-writer
new-homepage-design
e2e
canary
windows
electron
update-messages
webhook-templating
v2.22.0
v2.21.0
v2.20.1
v2.20.0
v2.19.2
v2.19.1
v2.19.0
v2.18.0
v2.17.0
v2.16.0
v2.15.0
v2.14.0
v2.13.0
v2.12.0
v2.11.0
v2.10.0
v2.9.0
v2.8.0
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.1
v2.0.0
v1.31.0
v1.30.1
v1.29.1
v1.29.0
v1.28.0
v1.27.2
v1.27.1
v1.26.0
v1.25.2
v1.25.1
v1.25.0
v1.24.0
v1.23.0
v1.22.0
v1.21.2
v1.21.1
v1.21.0
v1.20.0
v1.19.0
v1.18.1
v1.18.0
v1.17.1
v1.17.0
v1.16.0
v1.15.0
v1.14.1
v1.14.0
v1.13.0
v1.12.1
v1.12.0
v1.11.1
v1.11.2
v1.11.0
v1.10.0
v1.9.0
v1.8.0
v1.7.0
v1.6.1
v1.6.0
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.2
v1.3.3
v1.3.1
v1.3.0
v1.2.5
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.0
v0.0.5
v0.0.4
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels   
ai-generated

   
android-app

   
android-app

   
android-app

   
build

   
build

   
dependencies

   
docs

   
enhancement

   
enhancement

   
in-progress 🏃

   
ios

   
prio:low

   
prio:low

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
server

   
server

   
unified-push

   
web-app

   
website

   
🔒 security

   
🔥 HOT

   
🪲 bug
No labels
ai-generated
android-app
android-app
android-app
build
build
dependencies
docs
enhancement
enhancement
in-progress 🏃
ios
prio:low
prio:low
pull-request
question
server
server
unified-push
web-app
website
🔒 security
🔥 HOT
🪲 bug
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/ntfy#314
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?