Re: [PATCH] for: no pop mail with git head

[Jack <ostroffjh users sourceforge net>]

On 4/18/2017 4:58 AM, Albrecht Dreß wrote:
> Hi Jack:
>
> Am 16.04.17 19:38 schrieb(en) Jack:
> > For one server, I get
> >
> > Message: 140011706032352, 0, POP3: aya-gmail
> > ** (balsa:2808): DEBUG: connected to localhost
> > ** (balsa:2808): DEBUG: R '+OK POP3 POPFile (v1.1.3) server ready'
> > ** (balsa:2808): DEBUG: W 'CAPA'
> > ** (balsa:2808): DEBUG: R '-ERR No secure server specified'
>
> This doesn't harm, as pop3 does not require the CAPA command. However, 
> according to RFC 1939 and because the server greeting by POPFile does 
> not include a time stamp (RFC 1939, Sect. 7), the *only* possible auth 
> method is USER/PASS...
>
> > ** (balsa:2808): DEBUG: emit 'auth' signal for client 0x30f8600
> > ** (balsa:2808): DEBUG: libbalsa_server_get_auth: 0x30f8600 
> > 0x290cb60: encrypted = 0
>
> ...which will be rejected as the connection is unencrypted.
>
> Actually, this restriction I made is too narrow for POP3.  Please try 
> the attached patch which allows all possible auth methods even for 
> unencrypted connections (and fixes cosmetic style issue).
>
> Thanks a lot for pointing me to this issue!
>
> Cheers,
> Albrecht.
Thanks.  I'm away from home for a bit, but I think I'll be able to set 
up a test environment on my (Windows) laptop in a linux VBox. I suspect 
I may also have to take this up with the Popfile folks, as I don't think 
they currently have any way to handle TLS, just plain POP3S, but I have 
not actually looked at their code yet.

Jack