Set custom certificate for Email server (Proton Mail)

[sonn-gamm]

Hi!

I need to use ProtonMail for a project and have gone through the process to learn how to set the integration up. Proton requires to run a local software called ProtonMail Bridge, that acts as a kind of self-hosted email server between Proton's servers and your machine.

Somehow using STARTTLS did not work, I tried all sort of config for FastAPI-Mail without luck. It always ended failing by giving the following error message:

smtplib [SSL: WRONG_VERSION_NUMBER]

Therefore I tried to use a TLS connection instead, and found you can force ProtonMail Bridge to use TLS if you want. You need to you export a cert.pem file to use as context for your email SSL script.

See for example:

import smtplib
import ssl

bridge_certificate="/path/tp/cert.pem"

sslctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
sslctx.options &= ~ssl.OP_NO_SSLv3
sslctx.load_verify_locations(cafile=bridge_certificate)
sslctx.verify_mode = ssl.CERT_OPTIONAL
sslctx.check_hostname = False

sender = <proton-email>
receiver = <test-email>

smtp = smtplib.SMTP('127.0.0.1', 1025) # 1025 - port from proton mail bridge info
smtp.starttls(context=sslctx)
smtp.login(sender, password)

msg = """\
Subject: Hi there

This message is sent from Python."""
smtp.sendmail(sender, [receiver], msg)

Is there any way to tell FastAPI-Mail to use a custom certificate for the connection?

Thanks.