use Net::SMTPS for specifying ssl version v1

I am migrating a couple of my domains from mandrill to sparkpost
Net::SMTP by default uses SSLv3 which is not allowed by many providers due to the poodle vulnerability . I had a problem with sparkpost API and had to use Net::SMTPS which is a wrapper for Net::SMTP and you can specify the SSL version.


use strict;
use warnings;
use Net::SMTPS;
use Data::Dumper;

my $USERNAME = 'SMTP_Injection';
my $PASSWORD = '';

my $smtps = Net::SMTPS->new("", Port => 587, doSSL => 'starttls', SSL_version=>'TLSv1');

$smtps->auth ( $USERNAME, $PASSWORD ) or DIE("Could not authenticate with gmail.\n");

my $msg =

"Subject: Test\r\n".

'To:'."\r\nFrom: ".''."\r\n\r\n Hello From the other side";

$smtps->datasend( $msg );

1 Comment

I think you should be able to use Net::SMTP (not SMTPS) and:

$smtp = Net::SMTP->new(
SSL_version=> 'TLSv1',

Inspection of the source of Net::SMTP v3.08 suggests this is correct. Is there a practical problem?

Leave a comment

About Kiran

user-pic I blog about Perl.