Fix "forcing" client certificate for SMTP

conf/app.ini

@@ -105,6 +105,10 @@ SUBJECT = %(APP_NAME)s
 HOST =
 ; Do not verify the certificate of the server. Only use this for self-signed certificates
 SKIP_VERIFY = 
+; Use client certificate
+; USE_CERTIFICATE = true
+; CERT_FILE = custom/mailer/cert.pem
+; KEY_FILE = custom/mailer/key.pem
 ; Mail from address, RFC 5322. This can be just an email address, or the "Name" <email@example.com> format 
 FROM =
 ; Mailer user name and password

modules/mailer/mailer.go

@@ -72,15 +72,17 @@ func sendMail(settings *setting.Mailer, recipients []string, msgContent []byte)
 		return err
 	}
 
+	tlsconfig := &tls.Config{
+		InsecureSkipVerify: settings.SkipVerify,
+		ServerName:         host,
+	}
+
+	if settings.UseCertificate {
 		cert, err := tls.LoadX509KeyPair(settings.CertFile, settings.KeyFile)
 		if err != nil {
 			return err
 		}
-
+		tlsconfig.Certificates = []tls.Certificate{cert}
-	tlsconfig := &tls.Config{
-		InsecureSkipVerify: settings.SkipVerify,
-		ServerName:         host,
-		Certificates:       []tls.Certificate{cert},
 	}
 
 	conn, err := net.Dial("tcp", net.JoinHostPort(host, port))

modules/setting/setting.go

@@ -451,6 +451,7 @@ type Mailer struct {
 	From              string
 	User, Passwd      string
 	SkipVerify        bool
+	UseCertificate    bool
 	CertFile, KeyFile string
 }
 
@@ -484,6 +485,7 @@ func newMailService() {
 		User:           sec.Key("USER").String(),
 		Passwd:         sec.Key("PASSWD").String(),
 		SkipVerify:     sec.Key("SKIP_VERIFY").MustBool(),
+		UseCertificate: sec.Key("USE_CERTIFICATE").MustBool(),
 		CertFile:       sec.Key("CERT_FILE").String(),
 		KeyFile:        sec.Key("KEY_FILE").String(),
 	}