+func (conn *connection) doSTARTTLS() {
+ if conn.state != stateInitial {
+ conn.reply(ReplyBadSequence)
+ return
+ }
+
+ tlsConfig := conn.server.TLSConfig()
+ if !conn.esmtp || tlsConfig == nil {
+ conn.writeReply(500, "unrecognized command")
+ return
+ }
+
+ conn.writeReply(220, "initiate TLS connection")
+
+ newConn := tls.Server(conn.nc, tlsConfig)
+ if err := newConn.Handshake(); err != nil {
+ return
+ }
+
+ conn.tlsNc = newConn
+ conn.tp = textproto.NewConn(conn.tlsNc)
+ conn.state = stateInitial
+
+ conn.writeReply(220, fmt.Sprintf("%s ESMTPS [%s] (mailpopbox)",
+ conn.server.Name(), newConn.LocalAddr()))
+}
+