Add warning to mailer documentation about authentication (#11563)

* Add warning to mailer documentation about authentication

References #7966

Signed-off-by: Andrew Thornton <art27@cantab.net>

* As per @guillep2k and @mrsdizzie

* as per @mrsdizzie

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
This commit is contained in:
zeripath 2020-05-24 23:56:18 +01:00 committed by GitHub
parent 39b792f424
commit 02a52d683b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 16 additions and 3 deletions

View file

@ -46,6 +46,12 @@ PASSWD = `password`
For the full list of options check the [Config Cheat Sheet]({{< relref "doc/advanced/config-cheat-sheet.en-us.md" >}})
- Please note: authentication is only supported when the SMTP server communication is encrypted with TLS or `HOST=localhost`. TLS encryption can be through:
- Via the server supporting TLS through STARTTLS - usually provided on port 587. (Also known as Opportunistic TLS.)
- SMTPS connection (SMTP over transport layer security) via the default port 465.
- Forced SMTPS connection with `IS_TLS_ENABLED=true`. (These are both known as Implicit TLS.)
- This is due to protections imposed by the Go internal libraries against STRIPTLS attacks.
### Gmail
The following configuration should work with GMail's SMTP server: