Opportunistic Encryption With starttls()
In some cases you may have an unencrypted connection to a SMTP server, which you need to upgrade to an encrypted connection. In this video, you’ll learn how to do that!
00:00 In the last video, you initiated a connection that was secure from the start. Sometimes you won’t be able to do this and you need to create an unencrypted connection and then upgrade it to an encrypted one.
00:11
This is where this .starttls()
method comes into play. To do this, you’ll be able to keep most of these parameters the same, except now change this port
here to 587
, because this is what Google will be listening for for this type of connection.
00:26
Now go ahead and get rid of all of this. Since this will be creating an unencrypted connection and then attempt to upgrade it, we’ll use try
and except
blocks to catch any errors that occur.
00:37
So first, try:
make a server
object,
00:43
which will just be smtp.SMTP()
, then pass in the smtp_server
and the port
. Note that there’s no SSL here. Now you’ll say hello to the server using .ehlo()
, which is kind of like .helo()
, but it’s an extended version, and that’s the e
here.
01:04
If for some reason you needed more information from the server, this would get that as opposed to just a regular hello, which would be .helo()
.
01:13
Now you can upgrade that connection by calling server.starttls()
, and now pass in the context
. Set that equal to context
.
01:24
And it’s probably a good idea to acknowledge yourself to the server again, so let’s just do server.ehlo()
. And now that the connection is encrypted, it’s safe to login. So just like before, you can call server.login()
, pass in your sender
email and your password
, just like that.
01:42
So here’s where you could go and send some mail if you’d like. But because we’re not going to do that yet, just say print('It worked!)
.
01:54
Now, because the connection may not want to be upgraded, you should catch your exceptions. So we’ll just do except Exception as e:
and just print that out.
02:06
And finally:
—no pun intended—no matter what happens, you want to make sure you close the connection to the server. So you can just call server.quit()
. Okay!
02:17
So let’s save this and see what happens! Open up the terminal, python python_emails
. Okay, I’m going to enter in my password.
02:33
And this is actually a kind of interesting error. You can see that the 'server' is not defined
error occurred at line 25—which, if you go down, is inside this finally
block—but we defined what server
was up here.
02:48
So this means, for some reason, this try
block was not executed. And the reason it wasn’t executed is because I just put smtp
instead of smtplib
, like that. So let’s try that again.
03:13
And there we go! It worked!
So now you know two different ways to make a secure connection to an SMTP server. When we actually start sending the emails, we’ll be creating connections that are secure from the start, like in the previous video.
03:28 I like doing that because it’s a little bit less code to type out and I just feel a little better about it. The big thing, though, is now you’re ready to start sending some actual emails with Python. Thanks for watching.
Abby Jones on July 15, 2019
LOL, disregard, I didn’t watch the part where you fixed that.
shuhuali1010 on May 9, 2021
Hi Joe! I use smtplib and it still did not work. Any ideas why?
Become a Member to join the conversation.
Abby Jones on July 15, 2019
server = smtp. gives me an error.