From e93538cea959568292a7d37f49a9f6c2ad196a92 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Garc=C3=ADa?=
 <dani-garcia@users.noreply.github.com>
Date: Sun, 10 Mar 2019 14:44:42 +0100
Subject: [PATCH] Add option to use wrapped TLS in email, instead of STARTTLS
 upgrade

---
 src/config.rs | 4 +++-
 src/mail.rs   | 8 +++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/config.rs b/src/config.rs
index 7cf8f8a0..e93eda5f 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -303,8 +303,10 @@ make_config! {
         smtp_host:              String, true,   option;
         /// Enable SSL
         smtp_ssl:               bool,   true,   def,     true;
+        /// Use explicit TLS |> Enabling this would force the use of an explicit TLS connection, instead of upgrading an insecure one with STARTTLS
+        smtp_explicit_tls:      bool,   true,   def,     false;
         /// Port
-        smtp_port:              u16,    true,   auto,    |c| if c.smtp_ssl {587} else {25};
+        smtp_port:              u16,    true,   auto,    |c| if c.smtp_explicit_tls {465} else if c.smtp_ssl {587} else {25};
         /// From Address
         smtp_from:              String, true,   def,     String::new();
         /// From Name
diff --git a/src/mail.rs b/src/mail.rs
index 938eb4bd..2a99dbf1 100644
--- a/src/mail.rs
+++ b/src/mail.rs
@@ -18,7 +18,13 @@ fn mailer() -> SmtpTransport {
             .build()
             .unwrap();
 
-        ClientSecurity::Required(ClientTlsParameters::new(host.clone(), tls))
+        let params = ClientTlsParameters::new(host.clone(), tls);
+
+        if CONFIG.smtp_explicit_tls() {
+            ClientSecurity::Wrapper(params)
+        } else {
+            ClientSecurity::Required(params)
+        }
     } else {
         ClientSecurity::None
     };