Oh, you right, for this scenario like mail credentials is not the best example, using .env is better:
But I still considering as an option if credentials will be in database for an user configuration from Backend in a SaaS model web.
But again, If the case where not email credentiales, would be this an option for this: is good or bad idea, secure or insecure.