SMTP configuration

smtp.host (required)

Represents the SMTP server hostname.

smtp.port (required)

Represents the SMTP server port.

smtp.login (required)

Represents the SMTP account login.

smtp.passwd/oauth2 (required)

The SMTP account authentication mechanism:

  • smtp.passwd: Regular password authentication.

    • smtp.passwd.raw: Raw password (unsafe, not recommanded). [string]

    • smtp.passwd.cmd: Password retrieved from the given shell command. [string]

    • smtp.passwd.keyring: Password retrieved from your system’s default password manager at the given entry. [string]

  • smtp.oauth2: OAuth 2.0 authorization mechanism. This mechanism requires additional options:

    • smtp.oauth2.client-id (required): Client identifier issued to the client during the registration process described by [Section 2.2]. [string]

    • smtp.oauth2.auth-url (required): URL of the authorization server’s authorization endpoint. [string]

    • smtp.oauth2.token-url (required): URL of the authorization server’s token endpoint. [string]

    • smtp.oauth2.method: OAuth 2.0 authentication method. Default: XOAUTH. [XOAUTH|OAUTHBEARER]

    • smtp.oauth2.client-secret: Override how the client secret is retrieved:

      • smtp.oauth2.client-secret.raw: Raw client secret (unsafe, not recommanded). [string]

      • smtp.oauth2.client-secret.cmd: Client secret retrieved from the given shell command. [string]

      • smtp.oauth2.client-secret.keyring: Client secret retrieved from your system’s default password manager at the given entry. [string]

      If omitted, the client secret is retrieves from your system’s default password manager at the entry <account-name>-smtp.oauth2-client-secret.

    • smtp.oauth2.access-token: Override how the access token is retrieved:

      • smtp.oauth2.access-token.raw: Raw access token (for debugging purpose). [string]

      • smtp.oauth2.access-token.cmd: Access token retrieved from the given shell command. [string]

      • smtp.oauth2.access-token.keyring: Access token retrieved from your system’s default password manager at the given entry. [string]

      If omitted, the access token is retrieves from your system’s default password manager at the entry <account-name>-smtp.oauth2-access-token.

    • smtp.oauth2.refresh-token: Override how the refresh token is retrieved:

      • smtp.oauth2.refresh-token.raw: Raw refresh token (for debugging purpose). [string]

      • smtp.oauth2.refresh-token.cmd: Refresh token retrieved from the given shell command. [string]

      • smtp.oauth2.refresh-token.keyring: Refresh token retrieved from your system’s default password manager at the given entry. [string]

      If omitted, the refresh token is retrieves from your system’s default password manager at the entry <account-name>-smtp.oauth2-refresh-token.

    • smtp.oauth2.pkce: Enable the Proof Key of Code Exchange. [bool]

    • smtp.oauth2.scope: Access token scope, as defined by the authorization server. Variants possible:

      • smtp.oauth2.scope: One scope. [string]

      • smtp.oauth2.scopes: One or more scopes. [list[string]]

smtp.encryption

The SMTP encryption protocol to use.

  • smtp.encryption = "tls" | true (default): use required encryption (SSL/TLS).

  • smtp.encryption = "start-tls": use opportunistic encryption (StartTLS).

  • smtp.encryption = "none" | false: do not use any encryption.

Example

message.send.backend = "smtp"

smtp.host = "smtp.localhost"
smtp.port = 465
smtp.login = "test@localhost"
smtp.passwd.raw = "my-unsafe-password"
smtp.encryption = "tls"

message.send.backend = "smtp"

smtp.host = "smtp.localhost"
smtp.port = 587
smtp.login = "test@localhost"
smtp.oauth2-client-id = "my-oauth2-client-id"
smtp.oauth2-auth-url = "http://localhost/oauth2/auth"
smtp.oauth2-token-url = "http://localhost/oauth2/token"
smtp.oauth2-pkce = true
smtp.oauth2-scopes = ["read", "write"]
smtp.encryption = "start-tls"