New feature: SMTP connection may use client certificate.

New config keys in [mailer] section:
 - CERT_FILE: path to a certificate file.
 - KEY_FILE: path to a key file.

modules/mailer/mailer.go

@@ -72,9 +72,15 @@ func sendMail(settings *setting.Mailer, recipients []string, msgContent []byte)
 		return err
 	}
 
+	cert, err := tls.LoadX509KeyPair(settings.CertFile, settings.KeyFile)
+	if err != nil {
+		return err
+	}
+
 	tlsconfig := &tls.Config{
 		InsecureSkipVerify: settings.SkipVerify,
 		ServerName:         host,
+		Certificates:       []tls.Certificate{cert},
 	}
 
 	conn, err := net.Dial("tcp", net.JoinHostPort(host, port))

modules/setting/setting.go

@@ -446,11 +446,12 @@ func newSessionService() {
 
 // Mailer represents mail service.
 type Mailer struct {
-	Name         string
-	Host         string
-	From         string
-	User, Passwd string
-	SkipVerify   bool
+	Name              string
+	Host              string
+	From              string
+	User, Passwd      string
+	SkipVerify        bool
+	CertFile, KeyFile string
 }
 
 type OauthInfo struct {
@@ -483,6 +484,8 @@ func newMailService() {
 		User:       sec.Key("USER").String(),
 		Passwd:     sec.Key("PASSWD").String(),
 		SkipVerify: sec.Key("SKIP_VERIFY").MustBool(),
+		CertFile:   sec.Key("CERT_FILE").String(),
+		KeyFile:    sec.Key("KEY_FILE").String(),
 	}
 	MailService.From = sec.Key("FROM").MustString(MailService.User)
 	log.Info("Mail Service Enabled")