mail sender: disable auto tls if no security

application/Espo/Core/Mail/Sender/DefaultTransportPreparator.php

@@ -53,15 +53,12 @@ class DefaultTransportPreparator implements TransportPreparator
 
         // 'SSL' is treated as implicit SSL/TLS. 'TLS' is treated as STARTTLS.
         // STARTTLS is the most common method.
-        $scheme = $smtpParams->getSecurity() === 'SSL' ? 'smtps' : 'smtp';
+        $scheme = $smtpParams->getSecurity() === SmtpParams::SECURITY_SSL_TLS ? 'smtps' : 'smtp';
 
-        if ($smtpParams->getSecurity() === 'TLS' && !defined('OPENSSL_VERSION_NUMBER')) {
+        if ($smtpParams->getSecurity() === SmtpParams::SECURITY_START_TLS && !defined('OPENSSL_VERSION_NUMBER')) {
             throw new RuntimeException("OpenSSL is not available.");
         }
 
-        // @todo Use `auto_tls=false` if no security when Symfony v7.1 is installed.
-        // @todo If starttls, it should be enforced.
-
         $transport = (new EsmtpTransportFactory())
             ->create(
                 new Dsn(
@@ -71,6 +68,10 @@ class DefaultTransportPreparator implements TransportPreparator
                 )
             );
 
+        if (!$smtpParams->getSecurity() && $transport instanceof EsmtpTransport) {
+            $transport->setAutoTls(false);
+        }
+
         if (!$transport instanceof EsmtpTransport) {
             throw new RuntimeException();
         }

application/Espo/Core/Mail/SmtpParams.php

@@ -57,6 +57,9 @@ class SmtpParams
     public const AUTH_MECHANISM_PLAIN = 'plain';
     public const AUTH_MECHANISM_XOAUTH = 'xoauth';
 
+    public const string SECURITY_SSL_TLS = 'SSL';
+    public const string SECURITY_START_TLS = 'TLS';
+
     /** @var string[] */
     private array $paramList = [
         'server',