From 88fafecc16e47b1ce15d2b4eec4a7de5bba28081 Mon Sep 17 00:00:00 2001
From: Danijel Micic <danijel@micic.au>
Date: Mon, 15 Dec 2025 11:54:56 +1100
Subject: [PATCH] Fix SMTP encryption logic for STARTTLS and Unencrypted modes

---
 server.js | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/server.js b/server.js
index df814bc..33318e7 100644
--- a/server.js
+++ b/server.js
@@ -27,22 +27,28 @@ app.post('/api/test-smtp', async (req, res) => {
         }) for ${user}`
     );
 
+    // Parse secure setting
+    const isSecure = secure === true || secure === "true";
+    const isNone = secure === "none";
+
     // Create Transporter
     const transporterConfig = {
         host: host,
         port: parseInt(port),
-        secure: secure === true || secure === "true", // true for 465, false for other ports
+        secure: isSecure, // true for 465, false for other ports
         auth: {
             user: user,
             pass: pass,
         },
+        tls: {
+            rejectUnauthorized: false, // Default to allowing self-signed
+        }
     };
 
-    // Only add TLS settings if secure is not explicitly "none"
-    if (secure !== "none") {
-        transporterConfig.tls = {
-            rejectUnauthorized: false, // Allow self-signed certs for testing flexibility
-        };
+    // Handle Unencrypted (Force Cleartext)
+    if (isNone) {
+        transporterConfig.ignoreTLS = true;
+        delete transporterConfig.tls; // Remove TLS config for cleartext
     }
 
     try {