add STARTTLS support to aiosmtpd cli

[dkg]

It would be great to be able to have the aiosmtpd cli support offering STARTTLS.

[waynew]

I would be 👍 on a PR that implemented this feature. Looking at https://aiosmtpd.readthedocs.io/en/latest/aiosmtpd/docs/smtp.html#enabling-starttls I think if we had the flags:

--tlscert cert.pem --tlskey key.pem --requiretls

the presence of which add the the context, that would be awesome.

Obviously we would want requiretls to be an invalid option if cert & key weren't present, the presence of either cert or key without the other should be an error.

@dkg would you be interested and able to work on this?

[pepoluan]

While we're at it, should we also add support for SMTPS?

If so, we'll need to add these options:

• --smtpscert <certfile> --smtpskey <keyfile> for SMTPS (Controller does the SSL)
• --tlscert <certfile> --tlskey <keyfile> for STARTTLS (SMTP does the SSL)
  • --requiretls option dependent on --tlscert and --tlskey

[pepoluan]

I'm implementing this right now in a branch (not yet pushed)

One change from the above discussion: --requiretls is inverted into --no-requiretls, so the default is secure.

[waynew]

I think that's a good idea but that will break backwards compatibility, right?

[pepoluan]

I think that's a good idea but that will break backwards compatibility, right?

Well... no?

Because originally there was no --requiretls option at all...

There isn't even support for SMTPS/STARTTLS for cli ... so I'm adding to a practical green field.

My note up there was just explaining my decision to implement --no-requiretls instead of --requiretls as previously discussed.

[waynew]

Ah -- well never mind then 😂