# 0006. Email SMTP Configuration

Date: 2024-11-20

## Status
Accepted

## Context
Email service needs SMTP configuration for sending domain verification codes. We need to support common email providers while keeping configuration simple. Modern SMTP typically uses STARTTLS on port 587 or implicit TLS on port 465.

## Decision
Support both STARTTLS and implicit TLS via configuration:

Configuration:
```
GONDULF_SMTP_HOST=smtp.example.com
GONDULF_SMTP_PORT=587
GONDULF_SMTP_USERNAME=user@example.com
GONDULF_SMTP_PASSWORD=secret
GONDULF_SMTP_FROM=noreply@example.com
GONDULF_SMTP_USE_TLS=true
```

Implementation logic:
- If `GONDULF_SMTP_PORT=465`: Use implicit TLS (smtplib.SMTP_SSL)
- If `GONDULF_SMTP_PORT=587` and `GONDULF_SMTP_USE_TLS=true`: Use STARTTLS (smtplib.SMTP with starttls())
- If `GONDULF_SMTP_PORT=25` and `GONDULF_SMTP_USE_TLS=false`: Use unencrypted SMTP (testing only)

Default to port 587 with STARTTLS as the most common modern configuration.

## Consequences
### Positive
- Supports all major email providers (Gmail, SendGrid, Mailgun, etc.)
- Simple configuration with sensible defaults
- Port number determines TLS behavior (intuitive)
- Single USE_TLS flag controls STARTTLS

### Negative
- Slightly more complex than hardcoding one approach
- Must document port/TLS combinations in `.env.example`