From 5d3b765a238f6df35e3233499d6da763ad7c6cd8 Mon Sep 17 00:00:00 2001
From: Samuel Leweke <samuel@leweke.info>
Date: Thu, 12 Mar 2020 11:26:54 +0100
Subject: [PATCH] Use opportunistic TLS in SMTP connections

If SSL is disabled, the SMTP ClientSecurity of the lettre crate
defaults to None, that is, an insecure connection. This is changed to
Opportunistic, which uses TLS if available. If TLS is not available,
the insecure connection is used (i.e., this change is backward
compatible).
---
 src/mail.rs | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/mail.rs b/src/mail.rs
index 77eb2ac..7a3c660 100644
--- a/src/mail.rs
+++ b/src/mail.rs
@@ -18,21 +18,21 @@ use chrono::NaiveDateTime;
 fn mailer() -> SmtpTransport {
     let host = CONFIG.smtp_host().unwrap();
 
+    let tls = TlsConnector::builder()
+        .min_protocol_version(Some(Protocol::Tlsv11))
+        .build()
+        .unwrap();
+
+    let tls_params = ClientTlsParameters::new(host.clone(), tls);
+
     let client_security = if CONFIG.smtp_ssl() {
-        let tls = TlsConnector::builder()
-            .min_protocol_version(Some(Protocol::Tlsv11))
-            .build()
-            .unwrap();
-
-        let params = ClientTlsParameters::new(host.clone(), tls);
-
         if CONFIG.smtp_explicit_tls() {
-            ClientSecurity::Wrapper(params)
+            ClientSecurity::Wrapper(tls_params)
         } else {
-            ClientSecurity::Required(params)
+            ClientSecurity::Required(tls_params)
         }
     } else {
-        ClientSecurity::None
+        ClientSecurity::Opportunistic(tls_params)
     };
 
     use std::time::Duration;