For greater security, you can encrypt your connection to the SMTP server. If this is to work, both Emacs and the server must support it.
The SMTP library supports the “Transport Layer Security” (TLS), and the older “Secure Sockets Layer” (SSL) encryption mechanisms. It also supports STARTTLS, which is a variant of TLS in which the initial connection to the server is made in plain text, requesting a switch to an encrypted channel for the rest of the process.
The variable smtpmail-stream-type controls what form of
connection the SMTP library uses. The default value is nil,
which means to use a plain connection, but try to switch to a STARTTLS
encrypted connection if the server supports it. Other possible values
are: starttls to insist on STARTTLS; ssl to use TLS/SSL;
and plain for no encryption.
Use of any form of TLS/SSL requires support in Emacs. You can use the
built-in support for the GnuTLS
1 library. If your
Emacs has GnuTLS support built-in, the function
gnutls-available-p is defined and returns non-nil.
The SMTP server may also request that you verify your identity by sending a certificate and the associated encryption key to the server. If you need to do this, you can use an ~/.authinfo entry like this:
machine mail.example.org port 25 key "~/.my_smtp_tls.key" cert "~/.my_smtp_tls.cert"
(This replaces the old smtpmail-starttls-credentials variable used
prior to Emacs 24.1.)