SMTP from n8n running in docker

Hi,

First of all, thanks to the community for building such an exciting tool !

I’ve spent quite some time trying to deploy my own instance of n8n on docker from a small VPS, which is mostly working flawlessly.

My only issue right now is that I cannot get the “Send Email” node to work. I’ve tried numerous different SMTP credentials (SES, Mailjet) with/without TLS, on ports 25/465/587, but no matter what I try, executing the Node consistently ends with a timeout error:

ERROR: Connection timeoutThis text will be hidden
Error: Connection timeout
    at SMTPConnection._formatError (/usr/local/lib/node_modules/n8n/node_modules/nodemailer/lib/smtp-connection/index.js:784:19)
    at SMTPConnection._onError (/usr/local/lib/node_modules/n8n/node_modules/nodemailer/lib/smtp-connection/index.js:770:20)
    at Timeout.<anonymous> (/usr/local/lib/node_modules/n8n/node_modules/nodemailer/lib/smtp-connection/index.js:235:22)
    at listOnTimeout (internal/timers.js:549:17)
    at processTimers (internal/timers.js:492:7)

Admittedly it’s my first time working with docker-compose, so I’m probably missing something…
I tweaked the documentation’s docker-compose.yml file a little so that I could launch n8n along with traefik and portainer. I’ve also tried to deploy an smtp container (namshi/smtp, docker-mailserver…) and link it to n8n, again to no avail.

Is SMTP supposed to work out of the box? If not, would someone kindly walk me through the steps needed to get there?

Thank you!

Hey @pec! Welcome to the community (and thanks for the kind words :blush:).

I’m going to leave answers the question about the SMTP node to those who know more about it that I do (ahem…@jan) but I would like to provide a bit of perspective on SMTP (an network in general) troubleshooting.

When you have a network service, such as SMTP, there are usually one of three things that is misconfigured:

  1. The service (SMTP)
  2. The client (SMTP Node)
  3. The network (Docker, VPS, ISP, Internet, etc.)

So, since the network is the most complex, let’s take a look at it first. Because there are so many different things that can cause network problems, many of which are outside of your control (e.g. Internet), one approach is to bring your services as close to you as possible and rely on others as little as possible. So, to to that in this instance, I would suggest putting the SMTP service of your VPS (or even inside your Docker container). This way, it reduces the hops it has to make over the network(s), reducing the likelihood that the communication will get lost.

I’m going to talk about the client and the service together because their configurations are so closely linked together. you need to go through the service and the client configurations side by side, making sure that they match up with the other. so, for example, if the server side requires TSL, then the client side must provide TSL.

In your instance, Docker also provides another aspect to investigate (I have to admit that my Docker experience is limited but I’m working to resolve that). May I suggest some of the Docker networking tutorials as a quick guide.

Hope that at least provides a bit of insight.

1 Like

Thanks a lot @Tephlon for the general debug overview.

@pec Actually it should normally simply work. But there are some known problems with SSL with the base alpine image. So it is maybe worth trying the ubuntu image instead.
All n8n versions have them also build by default and you simply have to add -ubuntu. Meaning the latest ubuntu image would be: n8nio/n8n:0.67.3-ubuntu

1 Like

@Tephlon, thank you so much for the exhaustive explanations and your link to the Docker tutorials. As far as the configuration goes, I am absolutely certain that the credentials match and are otherwise functional.
@jan Thank you too! I was hopeful but unfortunately changing the image did not do the trick. I also tried downgrading to n8nio/n8n:0.67.0-ubuntu, which did not work either.
Note that other nodes such as Google Sheets and HTTP request work perfectly!

I just tried running telnet from within the container, and it actually never goes through… Again, tried with the AWS smtp host as well as with various ports

[email protected]:/# telnet in-v3.mailjet.com 587
Trying 104.199.96.85...
telnet: Unable to connect to remote host: Connection timed out

Very strange. But then it sounds like it would not be n8n related. Can you connect to it via telnet from your host? If so can you connect through it via other docker images?

There should not be anything in the n8n docker image I am aware of which should block access. For that reason would it be very interesting to know the answers to the above questions to narrow the problem down.

1 Like

Could it be network related? All three containers are launched from their own docker-compose file but linked to the same bridge network…

Could be network related but normally should it not restrict outgoing traffic. What about my above questions?

Btw. if you use mailjet did you try to simply use the special Mailjet-Node n8n offers?

I did use the Maijet node, which works fine, but I wanted to use AWS SES via SMTP to save on costs…

Forgive my ignorance: how would I go about connecting to the n8n container via telnet, and via other containers ($ docker exec -it other_container bash I assume?)

Thanks again for your help and patience!

Just a thought: could it be something related to DNS settings (Cloudflare), behind which the domains+subdomains are?

Edit: just tried running telnet email-smtp.eu-west-1.amazonaws.com 587 from the server itself, and indeed it times out too. So it should be a Cloudflare issue, or an issue with the server itself…

Edit2: Removed all Cloudflare proxying, the A record subdomains are DNS only. telnet still not going through!

Ok then it is at least for sure not docker or n8n related.

I can also not imagine that Cloudflare is the issue. Only your incoming traffic runs through it but not your outgoing one.
Is it also an AWS server you are running n8n on? Because they have like special network settings where you can control what incoming and outgoing traffic is allowed.

I’m using Scaleway. I’ve got Huginn running on another instance and the emails are sent “out of the box”. I’ll try running huginn on the same server and see what happens…

Did very fast google “scaleway 587” and this showed up:
https://www.scaleway.com/en/faq/why-can-i-not-send-any-email/

So it seems like you have to contact them.

1 Like

This is shameful… Hidden in plain sight. The fact that SMTP was going through from other instances, somehow, made me completely overlook this possibility. Indeed the timeout immediately went away. Thanks a bunch for this.

Now the error is this, which is probably a bad traefik configuration. There’s an abundance of results on Google so I’ll try to dig into it on my own.

ERROR: 139748966340416:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:

Can’t thank you enough for your help :slight_smile:

I just deactivated TLS for the time being :man_shrugging:

Great to hear!

That could not really be the SSL issue I talked about before. Did you try the -ubuntu image?