Merge pull request 'Set customize_hostname_check for Swoosh.Adapters.SMTP' (#861) from norm/akkoma:smtp-defaults-fix into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending approval
ci/woodpecker/push/build-arm64 Pipeline is pending approval
ci/woodpecker/push/docs Pipeline is pending approval
ci/woodpecker/push/lint Pipeline is pending approval
ci/woodpecker/push/test Pipeline is pending approval
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending approval
ci/woodpecker/push/build-arm64 Pipeline is pending approval
ci/woodpecker/push/docs Pipeline is pending approval
ci/woodpecker/push/lint Pipeline is pending approval
ci/woodpecker/push/test Pipeline is pending approval
Reviewed-on: #861
This commit is contained in:
commit
39cef8b8d2
1 changed files with 7 additions and 1 deletions
|
|
@ -84,8 +84,14 @@ defp default_config(Swoosh.Adapters.SMTP, conf, _) do
|
|||
cacerts: os_cacerts,
|
||||
versions: [:"tlsv1.2", :"tlsv1.3"],
|
||||
verify: :verify_peer,
|
||||
# some versions have supposedly issues verifying wildcard certs without this
|
||||
server_name_indication: relay,
|
||||
# This allows wildcard ceritifcates to be verified properly.
|
||||
# The :https parameter simply means to use the HTTPS wildcard format
|
||||
# (as opposed to say LDAP). SMTP servers tend to use the same type of
|
||||
# certs as HTTPS ones so this should work for most.
|
||||
customize_hostname_check: [
|
||||
match_fun: :public_key.pkix_verify_hostname_match_fun(:https)
|
||||
],
|
||||
# the default of 10 is too restrictive
|
||||
depth: 32
|
||||
]
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue