Hey @simon.lewis,
It could be down to the ignore SSL option not being there although if it is using 25 with SSL set to false it should only try to use SSL still if the server is claiming to support starttls. It could be that as well as an option to ignore self signed certificates we might also need an option to support fully unencrypted options.
Out of interest which mail server are you using? I should probably get something local set up for testing.
Hey Jon,
It’s Microsoft Exchange on-prem. Confirmed its using port 25 with TLS/SSL set to false.
Si
Hi Jon,
Apparently not, no, but I suspect it does not matter as the SMTP communication is actually with an IIS server (does not actually touch Exchange). That is, it gets more complex as we actually use an IIS SMTP relay internally and that is what is configured for n8n to use. No TLS at all on that (and I checked) and it is configured for anonymous access.
S
Hey @simon.lewis,
That has got more complex 
Out of interest when n8n says it can’t send the email what does the relay log? That could provide more of a hint on this one.
Good question ! … will see if I can find out.
Meanwhile, is there a way to ‘invite’ someone to the system and bypass the verification email thing ? I guess I just need to copy / construct whatever verification link gets sent out in the email ?
Thanks
Si
Hey @simon.lewis,
So what you could do is manually build out the sign up URL, It will be something like…
/signup?inviterId=ID_OF_INVITING_USER&inviteeId=ID_OF_INVITED_USER
From the database you can find both of these values as ID under the user table, It isn’t pretty but it would get you started.
Thanks Jon - that worked ! Will update if I can get the SMTP logs …
Hi @Jon,
Example of a request logged at the SMTP relay …
Si
2022-04-19 03:33:49 163.7.22.59 [127.0.0.1] SMTPSVC1 V-ROT-aaa 163.7.18.150 0 EHLO - +[127.0.0.1] 250 0 217 16 0 SMTP - - - -
2022-04-19 03:33:49 163.7.22.59 [127.0.0.1] SMTPSVC1 V-ROT-aaa 163.7.18.150 0 STARTTLS - - 220 0 0 8 0 SMTP - - - -
2022-04-19 03:33:49 163.7.22.59 [127.0.0.1] SMTPSVC1 V-ROT-aaa 163.7.18.150 0 STARTTLS - - 220 0 29 8 0 SMTP - - - -
2022-04-19 03:33:49 163.7.22.59 [127.0.0.1] SMTPSVC1 V-ROT-aaa 163.7.18.150 0 EHLO - +[127.0.0.1] 250 0 277 16 0 SMTP - - - -
2022-04-19 03:33:49 163.7.22.59 [127.0.0.1] SMTPSVC1 V-ROT-aaa 163.7.18.150 0 MAIL - +FROM:[email protected] 250 0 117 33 0 SMTP - - - -
2022-04-19 03:33:49 163.7.22.59 [127.0.0.1] SMTPSVC1 V-ROT-aaa 163.7.18.150 0 RCPT - +TO:[email protected] 250 0 117 39 0 SMTP - - - -
2022-04-19 03:33:49 163.7.22.59 [127.0.0.1] SMTPSVC1 V-ROT-aaa 163.7.18.150 0 DATA - +[email protected] 250 0 282 671 47 SMTP - - - -
2022-04-19 03:33:49 163.7.22.59 [127.0.0.1] SMTPSVC1 V-ROT-aaa 163.7.18.150 0 QUIT - [127.0.0.1] 240 109 282 671 47 SMTP - - - -
Hey @simon.lewis,
That looks like it might have worked, I assume the 52877xxxxx is a message ID, That also shows the starttls command so it is enabled but it looks like it got past that 
Is there a debug option that can be enabled to get the full handshake?
Hi @MutedJam and thank you for the answer.
It is, but I believe I have configured my n8n instance accordingly, to actually use port 25.
Here is a excerpt from my docker-compose.yaml, from the environment section:
N8N_EMAIL_MODE: smtp
N8N_SMTP_HOST: <host>
N8N_SMTP_PORT: '25'
N8N_SMTP_USER: NA
N8N_SMTP_PASS: NA
N8N_SMTP_SENDER: <sender>
N8N_SMTP_SSL: "false"
And here is the corresponding printout from the environment from inside of my container:
N8N_EMAIL_MODE=smtp
N8N_SMTP_HOST=<host>
N8N_SMTP_PORT=25
N8N_SMTP_USER=NA
N8N_SMTP_PASS=NA
N8N_SMTP_SENDER=<sender>
N8N_SMTP_SSL=false
Does it look correct, if my intention is indeed to use port 25?
Also, should setting N8N_SMTP_SSL=false be enough if I want to use uencrypted traffic over to 25?
Somewhere down the discussion it has been suggested, that
so I guess it’s not yet there at this point?
I have been conducting part of my tests with using a mock SMTP server, which has nothing to do with SSL, but just listens for unencrypted traffic on port 25 and does not send out any actual emails, rather saving them to a file as EML instead. Extremely useful for testing services that send out emails. I don’t see any reason why n8n should not be able to cooperate with such arrangement, so that I can extract the invitation link from an EML file later.
Finally, is there perhaps a way to skip configuring SMTP server altogether and just create accounts for the users some other way with notifying them later manually?
Such would also work in my scenario.
Generally, right now I find myself in a situation were in order to use the user management feature I need to have an SMTP server configured in a particular way that I have no control over. In my particular use case it’s very limiting.
Thanks and appreciating every help.
Have a good day.
Hello @Jon,
This method of manually building out the sign up URL got my interest but I’m having difficulties using it.
When I want to invite a user and I keep having problems related to my SMTP server configuration as I described in my original post at the very top (SSL issues in short), at the moment of an unsuccessful invite user button click there is no invitee record created in the user table in the database, so I have nowhere to get the invitee id from at that point.
Is there any way I can get around that?
At what point does this new user actually get created?
Thanks
Hi Jon,
Sorry but I am told that is all the info we can get.
Si
Hi @simon.lewis,
That is a shame, it looks like it is connecting and trying to send so it may not be an n8n issue. It is also possible that the request there is not from n8n when sending an invite email 
For now I think the manual approach is going to be the way forward, I will check the internal ticket to see if there have been any updates.
As a temporary solution something like mailersend has a fairly good free tier that might get you by.
Thanks @Jon - I’ll keep nagging to see if we can get more info to pin this down.
For us, it is OK to work around as it only affects user invites. The Send Email node works fine.
Ultimately, our preference would probably be for shared access to administer all workflows so will keep an eye on potential future improvements to User Management (I see some comments on this across the forum).
Thanks again for the support and comments.
so I am my server is using port 25 starttls enabled, what are my options? need to use send emails
For me this was the fix: Cannot get mails via IMAP - #5 by MutedJam
I did not know beside disabling SSL/TLS in config window I had to do this!
A related issue I have found is when using Google’s SMTP Relay service like my company. Since the relay service is setup to authenticate via IP no username/password authentication is required. From my testing N8N requires values to be set for the username and password variables in order for the Invite button to work. However, since Google’s SMTP Relay can be used with username/password authentication the relay fails if I don’t enter valid info for the username/password. It would be nice if the Username and Password variables for the SMTP were marked as Optional instead of Required.
Hello @Jon,
I’m having the same issue as described.
I was able to send email on node “Send Email”. I used it to debug.
On that node I’m able to send the e-mail when i select the option: Ignore SSL Issues
Before I was getting the same issue on Send Email node and N8N SMTP configurations.
Do we have the same option as environment variables for SMTP setup, something like : “N8N_SMTP_IGNORESSLISSUES”?
For SMTP configurations I just have the host and port 25.
N8N_EMAIL_MODE=smtp
N8N_SMTP_HOST=smpt.ourhost.com
N8N_SMTP_PORT=25
N8N_SMTP_USER=
N8N_SMTP_PASS=
N8N_SMTP_SSL=false
N8N_SMTP_SENDER=our-noreply-email
It works on Send Email node with “Ignore SSL Issues” option but not on on the environment variables. I don’t see Ignore SSL issues variable on documentation. Do we have something similar here?
Any suggestion?
Issue on send email without “Ignore SSL Issues”
Issue when try to send an invite using SMTP configuration on N8N:
Thank you!
Hey @abarreir,
We don’t have an option to ignore the SSL certs at the moment but… In 0.210.2 we have added an option to copy the invite link so it can be manually sent out.
It doesn’t solve the problem but maybe this will help.
