There are plugins you can use with FileMaker for encrypting/decrypting. See BaseElements or MBS (MonkeyBreadSoftware) for examples.
Plugins can also do several attachments.
And if you pass the certificate file for the server to MBS Plugin, it will not connect if someone creates his own valid certificate for a man in the middle attack.
Thank you, Philip and Christian! I'm looking into both of the plugins right now...
For anyone searching the archives, my original post has outdated information. I was referring to knowledge base articles that hadn't been updated for FileMaker 15 (but mistakenly said they applied to FM15).
The FM15 online help says:FileMaker Pro verifies the SSL certificate of an SMTP server that is using an encrypted connection. If the certificate cannot be verified, users can choose to connect anyway or cancel to skip this script step. If the certificate cannot be verified and the Set Error Capture script step is set to On, this script step behaves as if the server were unavailable. If the certificate cannot be verified in server-side scripts, Custom Web Publishing, and FileMaker WebDirect, this script step behaves as if it had been canceled by the user.
I called Tech Support, who checked with the engineers, and reported back to me that for FM15:
You can ignore the note on article 6991 and look at the help file
So FileMaker 15 does perform certificate checks when sending email via SMTP.