Added optional SMTP_OPENSSL_VERIFY_MODE (#1703)

* Added optional SMTP_OPENSSL_VERIFY_MODE to fix mailserver certificate issues

* Added optional SMTP_OPENSSL_VERIFY_MODE

Fixed to long line. [139/130]

* Fix multi-line indent

* Remove elseif statements and use much shorter way of checking for SMTP_OPENSSL_VERIFY_MODE

* Too long line again

* Moved SMTP_OPENSSL_VERIFY_OPTION. Specified what it does. Added security warning

Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>

config/environments/production.rb

@@ -101,6 +101,10 @@ Rails.application.configure do
     }
   end
 
+  # If configured to 'none' don't check the smtp servers certificate
+  ActionMailer::Base.smtp_settings[:openssl_verify_mode] =
+    ENV['SMTP_OPENSSL_VERIFY_MODE'] if ENV['SMTP_OPENSSL_VERIFY_MODE'].present?
+
   # Don't care if the mailer can't send.
   config.action_mailer.raise_delivery_errors = true
 

sample.env

@@ -121,6 +121,9 @@ GOOGLE_ANALYTICS_TRACKING_ID=
 #   SMTP_AUTH=plain
 #   SMTP_STARTTLS_AUTO=true
 #
+# Comment this out to disable SMTP certificate verification. This option may pose a security risk.
+#   SMTP_OPENSSL_VERIFY_MODE=none
+#
 SMTP_SERVER=
 SMTP_PORT=
 SMTP_DOMAIN=