"smtp-pass:s" => \$smtp_authpass,
"smtp-ssl" => sub { $smtp_encryption = 'ssl' },
"smtp-encryption=s" => \$smtp_encryption,
- "smtp-ssl-cert-path" => \$smtp_ssl_cert_path,
+ "smtp-ssl-cert-path=s" => \$smtp_ssl_cert_path,
"smtp-debug:i" => \$debug_net_smtp,
"smtp-domain:s" => \$smtp_domain,
"identity=s" => \$identity,
}
if (!defined $smtp_ssl_cert_path) {
- $smtp_ssl_cert_path = "/etc/ssl/certs";
+ # use the OpenSSL defaults
+ return (SSL_verify_mode => SSL_VERIFY_PEER());
}
if ($smtp_ssl_cert_path eq "") {
$smtp_server_port ||= 465; # ssmtp
require Net::SMTP::SSL;
$smtp_domain ||= maildomain();
+ require IO::Socket::SSL;
+ # Net::SMTP::SSL->new() does not forward any SSL options
+ IO::Socket::SSL::set_client_defaults(
+ ssl_verify_params());
$smtp ||= Net::SMTP::SSL->new($smtp_server,
Hello => $smtp_domain,
Port => $smtp_server_port,
- ssl_verify_params());
+ Debug => $debug_net_smtp);
}
else {
require Net::SMTP;
if ($smtp->code == 220) {
$smtp = Net::SMTP::SSL->start_SSL($smtp,
ssl_verify_params())
- or die "STARTTLS failed! ".$smtp->message;
+ or die "STARTTLS failed! ".IO::Socket::SSL::errstr();
$smtp_encryption = '';
# Send EHLO again to receive fresh
# supported commands