Re: [Proposal/Patch] Replacing libesmtp in Balsa



Hi Albrecht!

On 02/05/2017 12:47:09 PM Sun, Albrecht Dreß wrote:
Hi all,

as I promised a while ago, I finally prepared a /very/ first patch implementing the replacement of the 
libesmtp library by GIO for SMTP.

Thank you so much for this effort! The documentation and unit tests are great--would that the rest of the 
code was as professional.

It builds with no hiccups and I already sent one test message--this one will be the second! I feel that we 
should push this to master and get everyone to test it.
...
An other confusing issue was the treatment of Bcc: message recipients.  The balsa code used to double the message with 
different headers under certain circumstances, i.e. passing them /twice/ to the MTA.  As the RFC 5321 "RCPT 
TO" addresses are completely unrelated to RFC 5322 headers in the message itself, I removed the duplication (as I 
mentioned before, The Bcc: headers are stripped thanks to the new filter).  Please correct me if this is the wrong 
approach...

A long time ago there was some discussion about whether bcc recipients should get a bcc header, and there may 
be some comments on that on one of the RFCs. One suggestion was to include it when there is exactly one 
bcc-holder, but it had to be a second submission, as the non-bcc recipients should see a message with no bcc 
header. Stripping all bcc headers is far more straightforward, and also RFC-acceptable, I believe.

As libnetclient transparently handles SSL and STARTTLS encryption, I joined the respective options into a 
"security" setting, with warnings about insecure options (this may be controversial, as an unencrypted 
connection to localhost is not problematic).  However, IMO the SMTP configuration dialogue needs some changes, inter 
alia user certificate selection (see below), and maybe a check box whether authentication is required.

The complete functionality of the current, libesmtp-based implementation should be available, with the 
following exceptions:
- Currently, only the PLAIN, LOGIN, CRAM-MD5 and CRAM-SHA1 authentication methods are supported.  This should 
cover most use cases, though (actually, isp's will typically enforce encryption these days, so PLAIN or LOGIN 
are safe).  If other mechanisms are required (which?) please let me know.
- Authentication using user-certificates is not yet supported; it's in libnetclient, but the config gui needs 
to be changed.  I wonder if anyone used it, as there is no way to set the user certificate in the config 
dialogue (only the pass phrase).  Anyone?

I added some calls to g_debug() in several places, so if you want to see more details about the internal operation set 
the environment variable "G_MESSAGES_DEBUG=all".

It should also be easy to use libnetclient for POP3, btw.  I already implemented a simple class, but it's not 
yet tested.

What do you think of my approach?  As always, any comment or suggestion would be highly appreciated!

Cheers,
Albrecht.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]