From 61ede4280006bfd96ea1bbdebcda96d66608f094 Mon Sep 17 00:00:00 2001
From: Felix Ableitner <me@nutomic.com>
Date: Tue, 2 Jul 2019 13:38:53 +0200
Subject: [PATCH 1/3] Send emails with TLS

---
 functions.inc.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/functions.inc.php b/functions.inc.php
index 3fbbee19..42d1d3e6 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -1398,6 +1398,13 @@ function smtp_mail($to, $from, $data, $password = "", $body = "") {
         return false;
     } else {
         smtp_get_response($fh);
+        fputs($fh, "STARTTLS\r\n");
+        smtp_get_response($fh);
+
+        stream_set_blocking ($fh, true);
+        stream_socket_enable_crypto($fh, true, STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT);
+        stream_set_blocking ($fh, true);
+
         fputs($fh, "EHLO $smtp_server\r\n");
         smtp_get_response($fh);
 

From a46245eeccfc7cec1670acba6455c2c61caec628 Mon Sep 17 00:00:00 2001
From: Felix Ableitner <me@nutomic.com>
Date: Fri, 12 Jul 2019 11:24:59 +0200
Subject: [PATCH 2/3] Add config option for TLS

---
 config.inc.php    |  3 +++
 functions.inc.php | 13 ++++++++-----
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/config.inc.php b/config.inc.php
index d1e76e18..98b00bfa 100644
--- a/config.inc.php
+++ b/config.inc.php
@@ -171,6 +171,9 @@ $CONF['smtp_port'] = '25';
 // Used in the HELO when sending emails from Postfix Admin
 $CONF['smtp_client'] = '';
 
+// Set 'YES' to use TLS when sending emails.
+$CONF['smtp_sendmail_tls'] = 'NO';
+
 // Encrypt
 // In what way do you want the passwords to be crypted?
 // md5crypt = internal postfix admin md5
diff --git a/functions.inc.php b/functions.inc.php
index 42d1d3e6..b6717267 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -1398,12 +1398,15 @@ function smtp_mail($to, $from, $data, $password = "", $body = "") {
         return false;
     } else {
         smtp_get_response($fh);
-        fputs($fh, "STARTTLS\r\n");
-        smtp_get_response($fh);
 
-        stream_set_blocking ($fh, true);
-        stream_socket_enable_crypto($fh, true, STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT);
-        stream_set_blocking ($fh, true);
+        if (Config::read_string('smtp_sendmail_tls') === 'YES') {
+            fputs($fh, "STARTTLS\r\n");
+            smtp_get_response($fh);
+
+            stream_set_blocking ($fh, true);
+            stream_socket_enable_crypto($fh, true, STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT);
+            stream_set_blocking ($fh, true);
+        }
 
         fputs($fh, "EHLO $smtp_server\r\n");
         smtp_get_response($fh);

From 8ba1cf20a7a576fe25626165f6f52681a83636c2 Mon Sep 17 00:00:00 2001
From: Felix Ableitner <me@nutomic.com>
Date: Mon, 22 Jul 2019 13:06:07 +0200
Subject: [PATCH 3/3] use config::bool instead of read_string

---
 functions.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/functions.inc.php b/functions.inc.php
index b6717267..56eacbd2 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -1399,7 +1399,7 @@ function smtp_mail($to, $from, $data, $password = "", $body = "") {
     } else {
         smtp_get_response($fh);
 
-        if (Config::read_string('smtp_sendmail_tls') === 'YES') {
+        if (Config::bool('smtp_sendmail_tls')) {
             fputs($fh, "STARTTLS\r\n");
             smtp_get_response($fh);