If you have a Rails app that sends e-mails, you are probably using ActionMailer. Unfortunately, starting with Rails 2.2.2, you may have encountered a wonderfully annoying little error that looks like this:
OpenSSL::SSL::SSLError (hostname was not match with the server certificate): /usr/lib/ruby/1.8/openssl/ssl.rb:123:in `post_connection_check' /usr/lib/ruby/1.8/net/smtp.rb:582:in `tlsconnect' /usr/lib/ruby/1.8/net/smtp.rb:562:in `do_start' /usr/lib/ruby/1.8/net/smtp.rb:525:in `start' [...]
The are quite a few sites out there that give monkey patches for this problem, but those aren’t very useful because the next time you upgrade Rails, the monkey patch gets obliterated and you’re back to square 1. And then you have to remember how you monkeyed with it the last time to get it working again. Ug…
Instead, fix it the right way!
The reason this problem occurs is that starting with Rails 2.2.2, ActionMailer will automatically enable an encrypted connection with the mail server when trying to send out a message. This “feature” is enabled by default. If you don’t have a fancy, ungodly expensive certificate because you decided to roll your own, or if there is some problem with your certificate or postfix config, you get the above error.
Well, starting with Rails 2.2.3, there is a new option in ActionMailer::Base: enable_starttls_auto. This option allows you to turn off the automatic TLS “feature”.
To use the option, open up your environment.rb and add the following:
# Turn off auto TLS for e-mail ActionMailer::Base.smtp_settings[:enable_starttls_auto] = false
Restart your app, and the problem is fixed for good. Note that this option will only work if you’re using Ruby 1.8.7 or above. If you’re NOT using 1.8.7 or above, upgrade. It looks like older Ruby versions will not be officially supported by the next versions of Rails.
If you’re afraid of upgrading Ruby, fear not. Just try Ruby Enterprise Edition and Passenger. They’re easy to set up, they have extensive documentation, and you’ll be very pleased with the performance and easy of use!
Happy Holidays!!
Thanks
That’s a GREAT solution, not a monkey patch!
fyi, the tls “feature” as you call it is important if your application is contacting the mail server over the internet. otherwise you are sending your mail account password in clear text every time you connect.
in that case, the better fix for this issue is to actually generate the appropriate certificate on your app machine for the email host.
of course if it is all localhost or intranet, you’re probably a little better off when disabling this.
True. In my case, it was all localhost.
Thanks for the post, I used it to figure out a better way to do the same thing.
Just specify this in environments/production.rb
config.action_mailer.smtp_settings = {:enable_starttls_auto => false}
Thanks again!
I figured if I stuck it in environment.rb, it works in production, development, etc.
Hello,
this article really helped a lot. Saved a few hair from being pulled out!
Cheers!
I’ve been struggling for a while trying to figure out why I couldn’t get action_mailer to work. It just failed silently. I finally got the error message when I created a ruby script that used the mail gem directly, and found this post. Setting :enable_starttls_auto => false fixed it.
Thanks a lot!
Hi,
I’ve been stuck with same problem but making start tls false also doesnt help. Even when I use delivery method as sendmail Im stuck with a similar issue