I didn’t find any patch to enable STARTTLS on client side in ClamSMTP when accepting direct (port 25) connexions, so I wrote it.
You can find my code here on GitHub : https://github.com/beaujean/ClamSMTP-TLS/
Two options have been added to the clamsmtp.conf file:
TLSKey: /path/to/file.key TLSCert: /path/to/file.crt
It’s originally from http://thewalter.net/stef/software/clamsmtp/ by Stefan Walter. A git repository was actually here http://thewalter.net/git/cgit.cgi/clamsmtp/ but didn’t include the /common/ directory.