diff --git a/.env.production.sample b/.env.production.sample
index fbb28470789c7496a7854607f006e5efc70cbaff..97bba5e3f072e3ed3f54da37e05911b7d20e985a 100644
--- a/.env.production.sample
+++ b/.env.production.sample
@@ -35,6 +35,10 @@ SMTP_PORT=587
 SMTP_LOGIN=
 SMTP_PASSWORD=
 SMTP_FROM_ADDRESS=notifications@example.com
+#SMTP_AUTH_METHOD=plain
+#SMTP_OPENSSL_VERIFY_MODE=peer
+#SMTP_ENABLE_STARTTLS_AUTO=true
+
 
 # Optional asset host for multi-server setups
 # CDN_HOST=assets.example.com
diff --git a/app.json b/app.json
index 29c1f9f9cfb273c294b3c1c0bd5d766f5cc0c20d..6c4294c79e58f198c6f86fd4ab3084c68606ff5e 100644
--- a/app.json
+++ b/app.json
@@ -79,6 +79,18 @@
     "SMTP_FROM_ADDRESS": {
       "description": "Address to send emails from",
       "required": false
+    },
+    "SMTP_AUTH_METHOD": {
+      "description": "Authentication method to use with SMTP server. Default is 'plain'.",
+      "required": false
+    },
+    "SMTP_OPENSSL_VERIFY_MODE": {
+      "description": "SMTP server certificate verification mode. Defaults is 'peer'.",
+      "required": false
+    },
+    "SMTP_ENABLE_STARTTLS_AUTO": {
+      "description": "Enable STARTTLS if SMTP server supports it? Default is true.",
+      "required": false
     }
   },
   "buildpacks": [
diff --git a/config/environments/production.rb b/config/environments/production.rb
index d299e4f4ca4859adce6126f1c619937b3a3164cd..05cced67b55037b2c075801d2ed109c542301835 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -99,7 +99,9 @@ Rails.application.configure do
     :user_name      => ENV['SMTP_LOGIN'],
     :password       => ENV['SMTP_PASSWORD'],
     :domain         => ENV['SMTP_DOMAIN'] || config.x.local_domain,
-    :authentication => :plain,
+    :authentication => ENV['SMTP_AUTH_METHOD'] || :plain,
+    :openssl_verify_mode => ENV['SMTP_OPENSSL_VERIFY_MODE'] || 'peer',
+    :enable_starttls_auto => ENV['SMTP_ENABLE_STARTTLS_AUTO'] || true,
   }
 
   config.action_mailer.delivery_method = :smtp
diff --git a/scalingo.json b/scalingo.json
index d60f1529ce8d00cfcd33b138240169a1af94e8c5..4afaa6b4e0105a999c8e8b9d70dbeb70f36cde7f 100644
--- a/scalingo.json
+++ b/scalingo.json
@@ -71,6 +71,18 @@
       "description": "Address to send emails from",
       "required": false
     },
+    "SMTP_AUTH_METHOD": {
+      "description": "Authentication method to use with SMTP server. Default is 'plain'.",
+      "required": false
+    },
+    "SMTP_OPENSSL_VERIFY_MODE": {
+      "description": "SMTP server certificate verification mode. Defaults is 'peer'.",
+      "required": false
+    },
+    "SMTP_ENABLE_STARTTLS_AUTO": {
+      "description": "Enable STARTTLS if SMTP server supports it? Default is true.",
+      "required": false
+    },
     "BUILDPACK_URL": {
       "description": "Internal scalingo configuration",
       "required": true,