Email Notifications: Add StartTLSPolicy config flag (#24574)

16297da2 · thameezb · GitHub · 285ea759 · 16297da2 · 16297da2
Commit 16297da2 authored May 13, 2020 by thameezb Committed by GitHub May 13, 2020
Show whitespace changes
Inline Side-by-side

Showing with 20 additions and 0 deletions

conf/defaults.ini
+1 -0

conf/sample.ini
+2 -0

docs/sources/installation/configuration.md
+3 -0

pkg/services/notifications/mailer.go
+12 -0

pkg/setting/setting_smtp.go
+2 -0

No files found.
--- a/conf/defaults.ini
+++ b/conf/defaults.ini
@@ -464,6 +464,7 @@ skip_verify = false
 from_address = admin@grafana.localhost
 from_name = Grafana
 ehlo_identity =
+startTLS_policy =

 [emails]
 welcome_email_on_sign_up = false

--- a/conf/sample.ini
+++ b/conf/sample.ini
@@ -454,6 +454,8 @@
 ;from_name = Grafana
 # EHLO identity in SMTP dialog (defaults to instance_name)
 ;ehlo_identity = dashboard.example.com
+# SMTP startTLS policy (defaults to 'OpportunisticStartTLS') 
+;startTLS_policy = NoStartTLS

 [emails]
 ;welcome_email_on_sign_up = false

--- a/docs/sources/installation/configuration.md
+++ b/docs/sources/installation/configuration.md
@@ -560,6 +560,9 @@ Name to be used when sending out emails, defaults to `Grafana`
 ### ehlo_identity
 Name to be used as client identity for EHLO in SMTP dialog, defaults to instance_name.

+### startTLS_policy
+Either "OpportunisticStartTLS", "MandatoryStartTLS", "NoStartTLS". Default is "OpportunisticStartTLS"
+
 ## [log]

 ### mode

--- a/pkg/services/notifications/mailer.go
+++ b/pkg/services/notifications/mailer.go
@@ -111,6 +111,7 @@ func (ns *NotificationService) createDialer() (*gomail.Dialer, error) {

 	d := gomail.NewDialer(host, iPort, ns.Cfg.Smtp.User, ns.Cfg.Smtp.Password)
 	d.TLSConfig = tlsconfig
+	d.StartTLSPolicy = getStartTLSPolicy(ns.Cfg.Smtp.StartTLSPolicy)

 	if ns.Cfg.Smtp.EhloIdentity != "" {
 		d.LocalName = ns.Cfg.Smtp.EhloIdentity
@@ -120,6 +121,17 @@ func (ns *NotificationService) createDialer() (*gomail.Dialer, error) {
 	return d, nil
 }

+func getStartTLSPolicy(policy string) gomail.StartTLSPolicy {
+	switch policy {
+	case "NoStartTLS":
+		return -1
+	case "MandatoryStartTLS":
+		return 1
+	default:
+		return 0
+	}
+}
+
 func (ns *NotificationService) buildEmailMessage(cmd *models.SendEmailCommand) (*Message, error) {
 	if !ns.Cfg.Smtp.Enabled {
 		return nil, models.ErrSmtpNotEnabled

--- a/pkg/setting/setting_smtp.go
+++ b/pkg/setting/setting_smtp.go
@@ -10,6 +10,7 @@ type SmtpSettings struct {
 	FromAddress    string
 	FromName       string
 	EhloIdentity   string
+	StartTLSPolicy string
 	SkipVerify     bool

 	SendWelcomeEmailOnSignUp bool
@@ -27,6 +28,7 @@ func (cfg *Cfg) readSmtpSettings() {
 	cfg.Smtp.FromAddress = sec.Key("from_address").String()
 	cfg.Smtp.FromName = sec.Key("from_name").String()
 	cfg.Smtp.EhloIdentity = sec.Key("ehlo_identity").String()
+	cfg.Smtp.StartTLSPolicy = sec.Key("startTLS_policy").String()
 	cfg.Smtp.SkipVerify = sec.Key("skip_verify").MustBool(false)

 	emails := cfg.Raw.Section("emails")