trusteddomainproject/OpenDMARC

Add optional SSL SMTP Authentication to OpenDMARC-Reports

specializedtom opened this issue · 2 comments

I noticed while setting up OpenDMARC on my server that OpenDMARC-Reports was bouncing emails it was sending. This was when I allowed 'permit_mynetworks' in my Postfix configuration. Upon closer inspection, I noticed OpenDMARC-Reports expects (by default) an open SMTP server connection and only does a HELO request for the senders' FQDN.

To prevent situations where email servers may in fact be open relays, I have made changes to the OpenDMARC-Reports Perl script to incorporate SSL SMTP Authentication. (I have tested my changes on the Fedora RPM v1.4.1 of OpenDMARC, and have had no problems.) I am happy to share the source code with the community, should the people at TrustedDomainProject accept my proposed changes.

I think this is a good idea because adding support for secure communications is better overall for internet security in general.

If you do share your updates, I suggest making the secure option the default (assuming it's not too much work), and adding an option to disable secure communications (which adds a warning to the logs whenever it's used so that administrators will be more inclined to switch to using secure communications).

Isn't this a responsibility of the actual sendmail implementation? E.g., you could install sSMTP (https://wiki.debian.org/sSMTP) and use either UseSTARTTLS=Yes or UseTLS=Yes, plus AuthUser and AuthPass in /etc/ssmtp/ssmtp.conf.
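
For reference, this is what authenticated, TLS-protected submission from a Perl script looks like with Net::SMTP. It is an added example, not the patch described in the issue and not OpenDMARC's own code. The host names, addresses and environment variable names are placeholders, and it assumes libnet 3.x with IO::Socket::SSL and Authen::SASL installed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::SMTP;          # libnet 3.x or later provides SSL/starttls support
use IO::Socket::SSL;    # TLS layer used by Net::SMTP; exports SSL_VERIFY_PEER
use Authen::SASL;       # required by Net::SMTP->auth

# Placeholder settings (assumptions, not OpenDMARC option names).
my $server = 'smtp.example.org';
my $port   = 587;                          # submission port, STARTTLS
my $helo   = 'reports.example.org';
my $from   = 'noreply-dmarc@example.org';
my $rcpt   = 'rua@example.net';

# Credentials come from the environment, not from the script or the command line.
my $user = $ENV{SMTP_USER} // die "SMTP_USER not set\n";
my $pass = $ENV{SMTP_PASS} // die "SMTP_PASS not set\n";

my $smtp = Net::SMTP->new($server, Port => $port, Hello => $helo, Timeout => 30)
    or die "connect to $server:$port failed: $@\n";

# Upgrade to TLS before any credentials are sent and verify the server
# certificate against the name we connected to. A failure here is fatal:
# falling back to plaintext would expose the password.
$smtp->starttls(SSL_verify_mode => SSL_VERIFY_PEER, SSL_verifycn_name => $server)
    or die "STARTTLS failed or certificate not trusted\n";

# For implicit TLS instead, pass SSL => 1 and Port => 465 to new()
# and skip the starttls() call.

$smtp->auth($user, $pass)
    or die "authentication failed: " . $smtp->message;

$smtp->mail($from) or die "MAIL FROM rejected: " . $smtp->message;
$smtp->to($rcpt)   or die "RCPT TO rejected: "   . $smtp->message;

$smtp->data()      or die "DATA rejected: "      . $smtp->message;
$smtp->datasend("From: $from\n");
$smtp->datasend("To: $rcpt\n");
$smtp->datasend("Subject: Report Domain: example.net\n");
$smtp->datasend("\n");
$smtp->datasend("Constructed sample body.\n");
$smtp->dataend()   or die "message rejected: "   . $smtp->message;

$smtp->quit;
```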