Package Health Score

91 / 100

security
No known security issues
popularity
Key ecosystem project
maintenance
Healthy
community
Active

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
6.9.15	\|	09/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
6.9.14	\|	06/2024	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
6.8.0	\|	09/2022		0 C 0 H 1 M 0 L	0 H 0 M 0 L
5.1.1	\|	01/2019		0 C 1 H 2 M 0 L	0 H 0 M 0 L
4.7.0	\|	11/2018		0 C 1 H 2 M 0 L	0 H 0 M 0 L

License

MIT-0

Security Policy

Yes

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Key ecosystem project

Weekly Downloads (3,630,910)

GitHub Stars: 16.55K
Forks: 1.36K
Contributors: 130

Direct Usage Popularity

The npm package nodemailer receives a total of 3,630,910 downloads a week. As such, we scored nodemailer popularity level to be Key ecosystem project.

Based on project statistics from the GitHub repository for the npm package nodemailer, we found that it has been starred 16,553 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Active

Readme.md: Yes
Contributing.md: No
Code of Conduct: Yes
Contributors: 130
Funding: Yes

A good and healthy external contribution signal for nodemailer project, which invites more than one hundred open source maintainers to collaborate on the repository.

Embed Package Health Score Badge

Maintenance

Healthy

Commit Frequency

Open Issues: 7
Open PR: 1
Last Release: 4 days ago
Last Commit: 1 month ago

Further analysis of the maintenance status of nodemailer based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that nodemailer demonstrates a positive version release cadence with at least one new version released in the past 3 months.

In the past month we didn't find any pull request activity or change in issues status has been detected for the GitHub repository.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: >=6.0.0

Age: 14 years
Dependencies: 0 Direct
Versions: 272
Install Size: 506 kB
Dist-tags: 2
# of Files: 43
Maintainers: 1
TS Typings: Yes

nodemailer has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use nodemailer?

To help you get started, we've collected the most common ways that nodemailer is being used within popular public projects.

voluntarily / vly2 / x / email / testemail.js View on Github

})

  // send mail with defined transport object
  const info = await transporter.sendMail({
    from: '"Fred Foo 👻" ', // sender address
    to: 'bar@example.com, baz@example.com', // list of receivers
    subject: 'Hello ✔', // Subject line
    text: 'Hello world?', // plain text body
    html: '<b>Hello world?</b>' // html body
  })

  console.log('Message sent: %s', info.messageId)
  // Message sent: 

  // Preview only available when sending through an Ethereal account
  console.log('Preview URL: %s', nodemailer.getTestMessageUrl(info))
  // Preview URL: https://ethereal.email/message/WaQKMgKddxQDoou...
}

View more ways to use nodemailer

Nodemailer

Send emails from Node.js – easy as cake! 🍰✉️

See nodemailer.com for documentation and terms.

[!TIP] Check out EmailEngine – a self-hosted email gateway that allows making REST requests against IMAP and SMTP servers. EmailEngine also sends webhooks whenever something changes on the registered accounts.

Using the email accounts registered with EmailEngine, you can receive and send emails. EmailEngine supports OAuth2, delayed sends, opens and clicks tracking, bounce detection, etc. All on top of regular email accounts without an external MTA service.

Having an issue?

First review the docs

Documentation for Nodemailer can be found at nodemailer.com.

Nodemailer throws a SyntaxError for "..."

You are using an older Node.js version than v6.0. Upgrade Node.js to get support for the spread operator. Nodemailer supports all Node.js versions starting from Node.js@v6.0.0.

I'm having issues with Gmail

Gmail either works well, or it does not work at all. It is probably easier to switch to an alternative service instead of fixing issues with Gmail. If Gmail does not work for you, then don't use it. Read more about it here.

I get ETIMEDOUT errors

Check your firewall settings. Timeout usually occurs when you try to open a connection to a firewalled port either on the server or on your machine. Some ISPs also block email ports to prevent spamming.

Nodemailer works on one machine but not in another

It's either a firewall issue, or your SMTP server blocks authentication attempts from some servers.

I get TLS errors

If you are running the code on your machine, check your antivirus settings. Antiviruses often mess around with email ports usage. Node.js might not recognize the MITM cert your antivirus is using.
Latest Node versions allow only TLS versions 1.2 and higher. Some servers might still use TLS 1.1 or lower. Check Node.js docs on how to get correct TLS support for your app. You can change this with tls.minVersion option
You might have the wrong value for the secure option. This should be set to true only for port 465. For every other port, it should be false. Setting it to false does not mean that Nodemailer would not use TLS. Nodemailer would still try to upgrade the connection to use TLS if the server supports it.
Older Node versions do not fully support the certificate chain of the newest Let's Encrypt certificates. Either set tls.rejectUnauthorized to false to skip chain verification or upgrade your Node version

let configOptions = {
    host: "smtp.example.com",
    port: 587,
    tls: {
        rejectUnauthorized: true,
        minVersion: "TLSv1.2"
    }
}

I have issues with DNS / hosts file

Node.js uses c-ares to resolve domain names, not the DNS library provided by the system, so if you have some custom DNS routing set up, it might be ignored. Nodemailer runs dns.resolve4() and dns.resolve6() to resolve hostname into an IP address. If both calls fail, then Nodemailer will fall back to dns.lookup(). If this does not work for you, you can hard code the IP address into the configuration like shown below. In that case, Nodemailer would not perform any DNS lookups.

let configOptions = {
    host: "1.2.3.4",
    port: 465,
    secure: true,
    tls: {
        // must provide server name, otherwise TLS certificate check will fail
        servername: "example.com"
    }
}

I have an issue with TypeScript types

Nodemailer has official support for Node.js only. For anything related to TypeScript, you need to directly contact the authors of the type definitions.

I have a different problem

If you are having issues with Nodemailer, then the best way to find help would be Stack Overflow or revisit the docs.

License

Nodemailer is licensed under the MIT No Attribution license

The Nodemailer logo was designed by Sven Kristjansen.

nodemailer development dependencies

@aws-sdk/client-ses bunyan c8 eslint eslint-config-nodemailer eslint-config-prettier libbase64 libmime libqp nodemailer-ntlm-auth proxy proxy-test-server smtp-server

FAQs

What is nodemailer?

Easy as cake e-mail sending from your Node.js applications. Visit Snyk Advisor to see a full health score report for nodemailer, including popularity, security, maintenance & community analysis.

Is nodemailer popular?

The npm package nodemailer receives a total of 3,630,910 weekly downloads. As such, nodemailer popularity was classified as a key ecosystem project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is nodemailer well maintained?

We found that nodemailer demonstrated a healthy version release cadence and project activity. It has a community of 130 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is nodemailer safe to use?

The npm package nodemailer was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 6 September-2024, at 16:01 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (3,630,910)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Not sure how to use nodemailer?

Nodemailer

Having an issue?

First review the docs

Nodemailer throws a SyntaxError for "..."

I'm having issues with Gmail

I get ETIMEDOUT errors

Nodemailer works on one machine but not in another

I get TLS errors

I have issues with DNS / hosts file

I have an issue with TypeScript types

I have a different problem

License

nodemailer development dependencies

FAQs

What is nodemailer?

Is nodemailer popular?

Is nodemailer well maintained?

Is nodemailer safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues