Skip to content

Instantly share code, notes, and snippets.

@jim3ma
Forked from chrisgillis/ssl_smtp_example.go
Last active October 23, 2025 13:45
Show Gist options
  • Select an option

  • Save jim3ma/b5c9edeac77ac92157f8f8affa290f45 to your computer and use it in GitHub Desktop.

Select an option

Save jim3ma/b5c9edeac77ac92157f8f8affa290f45 to your computer and use it in GitHub Desktop.
Golang StartTLS SMTP Example
package main
import (
"fmt"
"log"
"net"
"net/mail"
"net/smtp"
"crypto/tls"
)
// StartTLS Email Example
func main() {
from := mail.Address{"", "username@example.tld"}
to := mail.Address{"", "username@anotherexample.tld"}
subj := "This is the email subject"
body := "This is an example body.\n With two lines."
// Setup headers
headers := make(map[string]string)
headers["From"] = from.String()
headers["To"] = to.String()
headers["Subject"] = subj
// Setup message
message := ""
for k,v := range headers {
message += fmt.Sprintf("%s: %s\r\n", k, v)
}
message += "\r\n" + body
// Connect to the SMTP Server
servername := "smtp.example.tld:465"
host, _, _ := net.SplitHostPort(servername)
auth := smtp.PlainAuth("","username@example.tld", "password", host)
// TLS config
tlsconfig := &tls.Config {
InsecureSkipVerify: true,
ServerName: host,
}
c, err := smtp.Dial(servername)
if err != nil {
log.Panic(err)
}
c.StartTLS(tlsconfig)
// Auth
if err = c.Auth(auth); err != nil {
log.Panic(err)
}
// To && From
if err = c.Mail(from.Address); err != nil {
log.Panic(err)
}
if err = c.Rcpt(to.Address); err != nil {
log.Panic(err)
}
// Data
w, err := c.Data()
if err != nil {
log.Panic(err)
}
_, err = w.Write([]byte(message))
if err != nil {
log.Panic(err)
}
err = w.Close()
if err != nil {
log.Panic(err)
}
c.Quit()
}
@so0k

so0k commented Jun 7, 2018

Copy link
Copy Markdown

Do note that setting InsecureSkipVerify is for testing only. If InsecureSkipVerify is true, TLS accepts any certificate presented by the server and any host name in that certificate. In this mode, TLS is susceptible to man-in-the-middle attacks.

Drop this for anyone using the above sample code

@utrack

utrack commented Nov 5, 2020

Copy link
Copy Markdown

Also note that c.StartTLS() error is unchecked.

@rojvv

rojvv commented Dec 28, 2022

Copy link
Copy Markdown

Thanks!

@poloyacero

Copy link
Copy Markdown

@so0k If I set InsecureSkipVerify to false is there any more verification I need to implement? Could you guide me on this? Thanks

@vincenthsh

vincenthsh commented Mar 9, 2023

Copy link
Copy Markdown

@poloyacero - depends on the certificate chain presented to your code?

if the server you're connecting to uses a trusted root CA (i.e. Let's Encrypt issued certificate) - then you don't have to do anything (as long as the client running the code has the certificate authorities loaded (which is in all linux, macos, windows distros) it should "just work"

if however, you're using this code in test or local dev where you self sign certificates for testing an smtp server, then you need to drop the verification, or you need to run the right command to trust the root CA that signs the certificates of the host you're testing against

@urko-b

urko-b commented Mar 13, 2023

Copy link
Copy Markdown

thanks so much to share I really appreciate. I would like to know how can I send html in body. Kind regards

@y-vas

y-vas commented May 18, 2023

Copy link
Copy Markdown

@urko-b html goes directly into the body
body := "<div>This is an <b>example</b> body.\n With two lines.</div>"

@tooilxui

tooilxui commented Dec 2, 2024

Copy link
Copy Markdown

I have try this example to send a mail via smtp.office365.com:587 and got error after c.Auth(), there is error message:

2024/12/02 15:50:16 504 5.7.4 Unrecognized authentication type [TPYP295CA0020.TWNP295.PROD.OUTLOOK.COM 2024-12-02T07:50:11.227Z 08DD11A71FE694FB]
panic: 504 5.7.4 Unrecognized authentication type [TPYP295CA0020.TWNP295.PROD.OUTLOOK.COM 2024-12-02T07:50:11.227Z 08DD11A71FE694FB]

does any one can give some suggestion?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment