⚡️ Feature: Allow skipping invalid SSL certificates for email providers #856
Description
Feature Description
Add an option to skip SSL/TLS certificate verification when configuring an email provider in Arcane. This would allow connections to mail servers that use self-signed, expired, or otherwise invalid certificates, especially in internal or testing environments.
Problem It Solves
Currently, Arcane fails to connect if an email provider’s SSL certificate is invalid. This makes it impossible to use internal or local mail servers (for example, those using self-signed certificates) without a valid public CA chain.
It also complicates testing and staging setups where SSL validation is not required.
Proposed Solution
Introduce a configuration flag or environment variable to disable SSL verification when desired.
Example:
EMAIL_SKIP_SSL_VERIFY=true
or via API/UI configuration:
"verify_ssl": false
This option should be disabled by default and marked as insecure for production use.
Alternatives Considered
- Manually importing or trusting the certificate in the container (complex and not portable).
- Using a reverse proxy or relay with a valid certificate (adds unnecessary complexity for local setups).
Additional Context
Some environments (especially internal lab or Docker-only setups) rely on self-signed mail servers.
Providing this option would improve flexibility for developers and advanced users without affecting the security of production systems.
Would you be willing to work on this feature?
- Yes, I'd like to implement this feature
- I could help with parts of this feature
- No, I'm just suggesting the feature