Email and TLS only, how ? - Printable Version +- Python Forum (https://python-forum.io) +-- Forum: Python Coding (https://python-forum.io/forum-7.html) +--- Forum: General Coding Help (https://python-forum.io/forum-8.html) +--- Thread: Email and TLS only, how ? (/thread-39370.html) |
Email and TLS only, how ? - SpongeB0B - Feb-06-2023 Hi everyone, I'm currently digging how to send email trough Python with TLS (only) So it's kind of heavy reading https://docs.python.org/3/library/ssl.html https://docs.python.org/3.11/library/email.examples.html I created a small SMTP server trough hMailServer for testing purpose. Firstly I got error because of my Self-signed certificate. But I've found a workaround there https://stackoverflow.com/a/62982729 So I'm using something like this to test. (and it work) import ssl from smtplib import SMTP_SSL context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) context.verify_mode = ssl.CERT_OPTIONAL context.check_hostname = False context.load_verify_locations(cafile='/pathTOmyCERT') context.minimum_version = ssl.TLSVersion.TLSv1_3 context.maximum_version = ssl.TLSVersion.TLSv1_3 try: with SMTP_SSL("localhost", port=465, context=context) as asmtp: print(str(asmtp.noop())) except Exception as error: print(error)But when I will pass it live, I plan to not allow self-signed certificate. So what could be the best to ensure the highest security level ? It's weird because the documentation claim for create_default_context() : https://docs.python.org/3/library/ssl.html#ssl.create_default_contextcreate_default_context() Wrote:The settings are chosen by the ssl module, and usually represent a higher security level than when calling the SSLContext constructor directly. is that so ? Because if context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) context.minimum_version = ssl.TLSVersion.TLSv1_3 context.maximum_version = ssl.TLSVersion.TLSv1_3Only Allow TLS 1.3 What could be the benefits of create_default_context() ? and how to use it to only allow TLS 1.3 ?Thanks. RE: Email and TLS only, how ? - SpongeB0B - Feb-06-2023 context = ssl.create_default_context(ssl.PROTOCOL_TLS_CLIENT)is not working :/ |