Created Configuring TLS (markdown)

Configuring-TLS.md

@@ -0,0 +1,44 @@
+# Enabling support for the SMTP STARTTLS
+
+This adds support for opportunistic TLS connections for SMTP-only. Clients that follow the RFC of:
+```
+  S: 220 inbucket Inbucket SMTP ready
+  C: EHLO openssl.client.net
+  S: 250-Great, let's get this show on the road
+  S: 250-8BITMIME
+  S: 250-STARTTLS
+  S: 250 SIZE 10240000
+  C: STARTTLS
+  S: 220 STARTTLS
+  C: <starts TLS negotiation>
+  C & S: <negotiate a TLS session>
+  C & S: <check result of negotiation>
+  C: EHLO nowhere.tld
+  . . .
+```
+This feature is **disabled** by default.
+
+## Setup
+To generate x509 certs:
+```bash
+$ openssl req -x509 -sha256 -newkey rsa:2048 -keyout certificate.key -out certificate.crt -days 1024 -nodes
+```
+Run inbucket with TLS Enabled (the default private key is **cert.key** and default public key is **cert.crt**) -- you can change these with environmental variable also:
+```bash
+$ INBUCKET_SMTP_TLSENABLED=true ./inbucket 
+```
+To use openssl's s_client for testing:
+```bash
+$ cat << EOF | openssl s_client -tls1_2 -starttls smtp -crlf -connect 127.0.0.1:2500 -ign_eof
+ehlo nowhere.tld
+mail from: <me@me.me>
+rcpt to: <you@you.you>
+data
+Subject: Hello
+
+This is the body
+
+.
+QUIT
+EOF
+```