Last item of this 4.2 release notes section (Django 4.2 release notes | Django documentation | Django) mentions:
EmailBackend now verifies a
certificates. If you need the previous behavior that is less restrictive and not recommended, subclass
EmailBackend and override the
How am I supposed to “go back to the previous behaviour”? How should
ssl_context be overriden? Should I just take the source from 4.1.10 and call it done?
Wouldn’t it make sense to revert to the previous behaviour via a settings?
Your questions made me curious enough this morning to want to take a look at this.
I suggest you read the source for
django.core.mail.backedns.smtp.EmailBackend, you’ll see that
ssl_context is defined as a
@cached_property. It appears that the recommendation is that it’s this method that should be overridden.
You’ll see that this context being used comes from Python’s smtp library and that this change in Django is being done as a result of changes being made in Python. I suggest you read through that page to understand what’s going on.
See the following links if you’re interested in the details as it relates to this issue:
So yes, you could go back to the previous code as long as you never implement Python > 3.11. (Obviously, I would never recommend doing that.)
exim box can only be reached by me so I really need to get rid of this error:
2023-07-10 09:29:37 TLS error on connection from (script) [192.168.x.x] (SSL_accept): error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca
This is avoided by taking the code from 4.1.10 (“
MyEmailBackend”) and declaring it in settings.
As soon as I use the “standard”
django.core.mail.backends.smtp.EmailBackend, things break.
looking into those links…
I am happy with overriding in the correct way (to support 3.12+) … thing is … how?
Part of it may depend upon the mail server.
From the client-side only, you might try setting ssl.CERT_NONE in your EmailBackend class. See the paragraph in Manual Settings
(Note: All conjecture on my part - I’ve never actually had to try any of this. I’m just going by what I’m seeing in the code & docs.)