For greater security, you can encrypt your connection to the SMTP server. If this is to work, both Emacs and the server must support it.
The SMTP library supports the “Transport Layer Security” (TLS), and the older “Secure Sockets Layer” (SSL) encryption mechanisms. It also supports STARTTLS, which is a variant of TLS in which the initial connection to the server is made in plain text, requesting a switch to an encrypted channel for the rest of the process.
smtpmail-stream-type controls what form of
connection the SMTP library uses. The default value is
which means to use a plain connection, but try to switch to a STARTTLS
encrypted connection if the server supports it. Other possible values
starttls to insist on STARTTLS;
ssl to use TLS/SSL;
plain for encryption.
Use of any form of TLS/SSL requires support in Emacs. You can either
use the built-in support (in Emacs 24.1 and later), or the
starttls.el Lisp library. The built-in support uses the GnuTLS
If your Emacs has GnuTLS support built-in, the function
gnutls-available-p is defined and returns non-
Otherwise, you must use the starttls.el library (see that file for
more information on customization options, etc.). The Lisp library
requires one of the following external tools to be installed:
The SMTP server may also request that you verify your identity by sending a certificate and the associated encryption key to the server. If you need to do this, you can use an ~/.authinfo entry like this:
machine mail.example.org port 25 key "~/.my_smtp_tls.key" cert "~/.my_smtp_tls.cert"
(This replaces the old
smtpmail-starttls-credentials variable used
prior to Emacs 24.1.)