Emails not send with selfsigned certificate on mailserver and no possibility to disable tls

[philippkayser]

Issue Summary

When attempting to send an email from Cal.com using a mail server with a self-signed certificate, the application fails due to TLS validation. The error indicates that the certificate is self-signed and the connection is being rejected. It would be beneficial to provide an option to disable TLS validation, similar to the configuration available in [Nodemailer](https://nodemailer.com/smtp/) using secure: false.

Steps to Reproduce

1. Configure the application to use a mail server with a self-signed SSL/TLS certificate.
2. Attempt to send an email (e.g., an invitation or notification email).
3. Observe the error in the application logs.

Actual Results

• The application fails to send the email and logs the following error:

  Error: self-signed certificate
      at TLSSocket.onConnectSecure (node:_tls_wrap:1659:34)
      at TLSSocket.emit (node:events:517:28)
      at TLSSocket._finishInit (node:_tls_wrap:1070:8)
      at ssl.onhandshakedone (node:_tls_wrap:856:12)
      at TLSWrap.callbackTrampoline (node:internal/async_hooks:128:17) {
        code: 'ESOCKET',
        command: 'CONN'
      }
  

Expected Results

• The email should be successfully sent, even if the server uses a self-signed certificate, by bypassing TLS validation when explicitly configured (e.g., using a secure: false option).

Technical Details

Based on latest version from github and dockerhub

Evidence

• Testing was performed using a self-signed certificate on the mail server.
• Screenshots or logs showing the error are attached. For instance:

  calcom-1         | @calcom/web:start: sendEmail from: Cal.com <info@l> subject:  hat Sie eingeladen, dem Team  auf Cal.com beizutreten Error: self-signed certificate
  calcom-1         | @calcom/web:start:     at TLSSocket.onConnectSecure (node:_tls_wrap:1659:34)
  

• Network requests and configurations were verified to confirm the root cause of the issue.

---

Having an option to bypass TLS validation (e.g., secure: false) would resolve this issue and provide flexibility in handling mail servers with self-signed certificates.

[kto2038]

If you set the EMAIL_SERVER_HOST variable to empty in the .env file, the /usr/sbin/sendmail command will be used to send emails. A workaround is to install a mail server such as Postfix so that the /usr/sbin/sendmail command can send emails.