fd9c6a748b
When the SMTP courier gets an error on STARTTLS (either because the command itself failed, or because there was a low-level TLS negotiation error), today we just fail that attempt. This can cause messages to never be delivered if the underlying reason is a server misconfiguration (e.g. a server certificate that Go cannot parse). This is quite rare in practice, but it can happen. To prevent this situation, this patch adds logic so that the SMTP courier retries over plaintext when STARTTLS fails. This is still subject to security level checks, so this type of failures cannot be used to downgrade connections to domains we successfully established a TLS connection previously. Note that certificate validation issues are NOT included in this type of failure, so they will not trigger a retry. The certificate validation handling is unchanged by this patch.
3.0 KiB
3.0 KiB