diff --git a/src/login_param.rs b/src/login_param.rs
index bc0553dff..e71cdee92 100644
--- a/src/login_param.rs
+++ b/src/login_param.rs
@@ -7,6 +7,7 @@ use crate::error::Error;
 #[derive(Debug, FromPrimitive)]
 #[repr(i32)]
 pub enum CertificateChecks {
+    Automatic,
     Strict,
     AcceptInvalidHostnames,
     AcceptInvalidCertificates,
@@ -14,7 +15,7 @@ pub enum CertificateChecks {
 
 impl Default for CertificateChecks {
     fn default() -> Self {
-        Self::AcceptInvalidCertificates
+        Self::Automatic
     }
 }
 
diff --git a/src/smtp.rs b/src/smtp.rs
index 34030f1a4..e2a3d8d1c 100644
--- a/src/smtp.rs
+++ b/src/smtp.rs
@@ -70,6 +70,13 @@ impl Smtp {
 
         let mut tls_builder = native_tls::TlsConnector::builder();
         let tls = match lp.send_certificate_checks {
+            CertificateChecks::Automatic => {
+                // Same as AcceptInvalidCertificates for now.
+                // TODO: use provider database when it becomes available
+                tls_builder
+                    .danger_accept_invalid_hostnames(true)
+                    .danger_accept_invalid_certs(true)
+            }
             CertificateChecks::Strict => &mut tls_builder,
             CertificateChecks::AcceptInvalidHostnames => {
                 tls_builder.danger_accept_invalid_hostnames(true)