Error while sending SMTP email (outlook)

Got below error while trying to send email from n8n

Error: 139801486863688:error:1408F10B:SSL routines:ssl3_get_record:
wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:

The connection settings are like below as per Microsoft Link

n8n version: 0.157.0
docker installation

The default Alpine based image does sadly cause sometimes problems with SSL. Please try the debian based one instead.

So instead of:

n8nio/n8n:0.157.0
# or
n8nio/n8n:latest

try the following ones:

n8nio/n8n:0.157.0-debian
# or
n8nio/n8n:latest-debian

Wouldnt this be a TLS issue?
We have had this problem with our reporting tool. As microsoft (fairly) recently changed their TLS to randomly fail on old TLS versions.

Had to change the mailing package for our reporting tool to support the newer TLS version.
( Native smtp to mailkit library in C# .Net)
No problem anymore since I made that change.

Yes, that is possible. Honestly have not the slightest idea about SSL/TLS that is why I very often use them, for sure, totally wrong interchangeably.

hi mate, how do you change that? is it a new node or developed a custom node?

hi
Just tried using the latest-debian, but have the same issue

**"140132772063040:error:1408F10B:SSL routines:ssl3_get_record:
wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332: "**

Hi @getk

Try smtp.office365.com
Have read somewhere that could fix it in some cases when you are having issues.

same error. Tried both port 587 and 25 with SSL/TLS enabled

Anything related to: Node.js nodemailer error - wrong version number/invalid greeting - Stack Overflow

I am sorry, cannot really help any further.
Hope someone else on the Community got it working and can help you with outlook/office365 smtp.

Might be able to do some testing with my outlook account, but that wouldnt be soon I think.

When I got the chance and the issue is still open Ill test it.

2 Likes

Just made an outlook.com account for testing and if you uncheck the SSL/TLS option and use port 587 it will work.

I have been looking at the documentation for the Node library used for SMTP (SMTP transport :: Nodemailer) and it looks like secure should be set to false for StartTLS (normally ports 25 and 587 and set to true for port 465.

secure – if true the connection will use TLS when connecting to server. If false (the default) then TLS is used if server supports the STARTTLS extension. In most cases set this value to true if you are connecting to port 465. For port 587 or 25 keep it false

The problem is in EmailSend.node.ts there is the below chunk of code

const connectionOptions: SMTPTransport.Options = {
  host: credentials.host as string,
  port: credentials.port as number,
  secure: credentials.secure as boolean,
};

This correctly sets the secure option to true or false based on what SSL/TLS is set to in the credentials but annoyingly NodeMailer isn’t smart enough to work out the handshake properly.

Checking in wireshark with a filter of tcp.port == 587 shows that it is connecting without using SSL/TLS then the StartTLS command is sent and the certificate negotiation happens so by doing this it isn’t sending anything in plain text that would be senstive.

Let me know if you have any questions on this one and if it helps :+1:

3 Likes

thanks @jon . After making the changes as you suggested, I got new error

ERROR:Message failed: 554 5.2.0 STOREDRV.Submission.Exception:OutboundSpamException; 
Failed to process message due to a permanent exception with message WASCL UserAction verdict is not None. 
Actual verdict is Suspend, ShowTierUpgrade. OutboundSpamException: WASCL UserAction verdict is not None

May be it detected a non-tls traffic coming from already existing TLS connection?

PS: I tested with

Hey @getk,

That error isn’t related to TLS that is the mail server giving you the 554 5.2.0 error code and a message I have not seen before but what I do know is it doesn’t appear to be directly related to n8n or the NodeMailer library as a quick Google search shows a few results.

I take it you can log in to that account and send an email normally?

Yes, I can login and send email normally
(I had got an email saying spam detected and account locked. But I did unlock and can send and receive email normally). But the error while sending from n8n smtp node still occurs

Which error are you getting now? Is it still the error coming back from the server rather than the original error?

The original error is NOT present with your recommended settings. But the SPAM error is now coming

That is good and bad, so you would need to work out why you are being flagged for spam.

Where do you have n8n setup and do you use it to send a lot of emails?

nope. I did send less than 5 emails before I went with your option. But I’ve unlocked on the 5 or 6th email. But strange that it is still getting the same error while sending from n8n.
I’ve got my n8n setup in docker container in my lab.

Just out of curisotity, does the n8n-debian image have a sendmail enabled? can we leverage it for sending mail?

It doesn’t that I know of but to be honest the message you are getting is from the mail server and it is saying the account is locked for spam / hitting a limit.

Other people online have reported getting an email notification that contains more information are you seeing the same thing? From what I understand outlook / hotmail is also very picky on the free accounts when sending emails and will try to nudge you to a 365 sub blocking any emails after 20 have been sent through an automated process until you have verified the account again.

thanks @jon . I will mark your answer as solution. Hopefully when we buy n8n license with the client , their office365 won’t have the issue.

1 Like

O365 should be fine, if you can get a test user from the client you could give it a bash but depending on what they are doing it may be cheaper or better to use a dedicated email sending service.