
I'm using Sendgrid on a Rails 5.2 application and was getting a `Net::ReadTimeout` error when trying to send an email. The post here https://github.com/mikel/mail/issues/639#issuecomment-29016055 suggested adding `:tls => true` to the SMTP settings. That worked, but it seems like an old solution and I'd like to understand what it's doing and why it worked.

This is my SMTP setup that gave the `Net::ReadTimeout` error:

```ruby
ActionMailer::Base.smtp_settings = {
  :user_name => 'username',
  :password => 'password',
  :domain => 'mydomain.com',
  :address => 'smtp.sendgrid.net',
  :port => 465,
  :authentication => :plain,
  :enable_starttls_auto => true
}
```

This is the update that's working.

```ruby
ActionMailer::Base.smtp_settings = {
  :user_name => 'username',
  :password => 'password',
  :domain => 'mydomain.com',
  :address => 'smtp.sendgrid.net',
  :port => 465,
  :authentication => :plain,
  :enable_starttls_auto => true,
  # this line added
  :tls => true
}
```

Travis Smith
  • https://en.wikipedia.org/wiki/Transport_Layer_Security – max Mar 16 '20 at 17:22
  • Nice overview of TLS itself, but doesn't answer the question in a Rails-context. – Travis Smith Mar 16 '20 at 18:43
  • It's literally just documented as ":ssl/:tls - Enables the SMTP connection to use SMTP/TLS (SMTPS: SMTP over direct TLS connection)". What more do you need to know? https://guides.rubyonrails.org/action_mailer_basics.html – max Mar 16 '20 at 18:46
  • Also you're using the wrong port. "For an unencrypted or a TLS connections, use port 25, 2525, or 587" https://sendgrid.com/docs/API_Reference/SMTP_API/integrating_with_the_smtp_api.html – max Mar 16 '20 at 18:49
  • `:tls` is for implicit TLS, i.e. `smtps` port 465. STARTTLS is for explicit TLS with `smtp` on port 25 and 587. – Steffen Ullrich Mar 16 '20 at 19:29
  • I guess "explicit" means "unencrypted"? That matches up with what you're both saying. It either works using port 465 with the setting or using port 25 without it. Seems strange Sendgrid would use port 465 in their docs but not include the setting. https://sendgrid.com/docs/for-developers/sending-email/rubyonrails/ – Travis Smith Mar 16 '20 at 20:00

1 Answer

Email is effectively a plaintext communication sent from email clients to receiving email servers or from one server to another. This design limitation leaves the content of a message in transit open for anyone to eavesdrop; from a wireless hotspot at the airport or coffee shop to your ISP and internet backbone providers that carry your messages throughout the world.

Transport Layer Security (TLS) helps solve this issue by offering encryption technology for your message while it is “in transit” from one secure email server to another. That is, TLS helps prevent eavesdropping on email as it is carried between email servers that have enabled TLS protections for email. Just as TLS can be used to secure web communications (HTTPS), it can secure email transport. In both applications, TLS has similar strengths and weaknesses. To maximize the content security and privacy, TLS is required between all the servers that handle the message including hops between internal and external servers.

Key features of TLS include:

  • Encrypted messages: TLS uses Public Key Infrastructure (PKI) to encrypt messages from mail server to mail server. This encryption makes it more difficult for hackers to intercept and read messages.

  • Authentication: TLS supports the use of digital certificates to authenticate the receiving servers. Authentication of sending servers is optional. This process verifies that the receivers (or senders) are who they say they are, which helps to prevent spoofing.

For reference

Gautam
  • Any thoughts on the error itself and what it means? The Sendgrid documentation doesn't include the `:tls => true` setting in their setup instructions, so I'd like to make sure I don't have another issue that I'm just patching with this fix. – Travis Smith Mar 16 '20 at 18:44
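
Why the first configuration timed out, shown as an added example that is not part of the original posts: on an implicit-TLS port such as 465 the server waits for a TLS handshake before it sends its SMTP greeting, while a client without `:tls => true` waits in plaintext for that greeting, so each side waits for the other until the read timeout fires. The loopback server, self-signed certificate and `first_line` helper are constructed for illustration and do not contact SendGrid.

```ruby
require 'socket'
require 'openssl'
require 'timeout'

KEY = OpenSSL::PKey::RSA.new(2048) # throwaway key and self-signed cert, constructed for this demo
CERT = OpenSSL::X509::Certificate.new.tap do |c|
  c.version = 2
  c.subject = c.issuer = OpenSSL::X509::Name.parse('/CN=localhost')
  c.public_key = KEY.public_key
  c.not_before, c.not_after = Time.now - 60, Time.now + 3600
  c.sign(KEY, OpenSSL::Digest.new('SHA256'))
end

# Implicit-TLS listener (the port 465 model): TLS handshake first, SMTP greeting after.
def start_implicit_tls_server
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.add_certificate(CERT, KEY)
  tcp = TCPServer.new('127.0.0.1', 0)
  server = OpenSSL::SSL::SSLServer.new(tcp, ctx)
  Thread.new do
    loop do
      conn = server.accept # blocks until the client sends a ClientHello
      conn.puts '220 localhost ESMTP (constructed greeting)'
      conn.close
    rescue StandardError # handshake failed, e.g. a plaintext client hung up
    end
  end
  tcp.addr[1]
end

# First line the server sends, or :read_timeout if nothing arrives within `wait` seconds.
def first_line(port, implicit_tls:, wait: 1)
  sock = TCPSocket.new('127.0.0.1', port)
  if implicit_tls # the client speaks first: connect sends the ClientHello
    ctx = OpenSSL::SSL::SSLContext.new
    ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
    ctx.cert_store = OpenSSL::X509::Store.new.tap { |s| s.add_cert(CERT) }
    sock = OpenSSL::SSL::SSLSocket.new(sock, ctx).tap { |s| s.sync_close = true }.connect
  end
  Timeout.timeout(wait) { sock.gets.to_s.strip }
rescue Timeout::Error
  :read_timeout # plaintext client and TLS server are each waiting for the other
ensure
  sock&.close
end

if __FILE__ == $PROGRAM_NAME
  port = start_implicit_tls_server
  p(plaintext: first_line(port, implicit_tls: false), tls: first_line(port, implicit_tls: true))
end
```

`:enable_starttls_auto` cannot rescue the plaintext case, because STARTTLS is only offered after the greeting and EHLO exchange that never happens on an implicit-TLS port.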