Re: [Evolution] Evolution 1.4.5 SMTPS / STARTTLS question



On Thu, 2003-11-13 at 16:35, Jeffrey Stedfast wrote:
it doesn't lock it forever.

anyways, maybe I can change it to try things differently if a port was
specifically specified. but that won't really help if the port specified
is not the smtp/s nor normal smtp port. since this same things will
happen.

I'd really like to know what mozilla and/or other clients that support
both ways do. find that out for me and I'll hack something up.
Okay, here you go:

Evolution 1.4.5
        - SMTPS first
        - STARTTLS if SMTPS failed

Mozilla 1.4 
        - STARTTLS only

Outlook & Outlook Express 6
        - STARTTLS if port 25 entered
        - SMTPS if any other port entered

Kmail 1.5.1     
        - STARTTLS if selected SSL
        - SMTPS if selected TLS

I found out these using a sendmail daemon listening on port 25, doing
TLS and an stunnel process doing SMTPS, listening on port 465.

Hope this will help you to hack something up :)

Thanks
Regards,


Jeff

On Thu, 2003-11-13 at 06:07, Vincent Jaussaud wrote:
On Wed, 2003-11-12 at 18:55, Jeffrey Stedfast wrote:
uh, that's exactly how it was explained that it would do.
Ok; sorry maybe I understood you wrongly.

But still, you can't use this trick to force the use of STARTTLS first,
since talking SMTP-S over a STARTTLS channel will hung the SMTP session
forever, thus locking your outbox folder until you manually delete the
mail to be sent.

I've just tried, and if I force the port number, my SMTP session hung
forever.

Regards,
Vincent.

Jeff

On Wed, 2003-11-12 at 12:18, Vincent Jaussaud wrote:
On Fri, 2003-11-07 at 17:37, Jeffrey Stedfast wrote:

Evolution lets you do this too... you could specify "servername:25" for
the hostname, although I'm not sure exactly how it will behave in this
case. It might try to first do SMTPS on port 25, fail, and then try
SMTP+STARTTLS.

yea, I'm pretty sure that is how it would attempt to connect.

Nope; if you put the port number in; it'll try to negociate SMTP-S with
the remote MTA, over port 25, even if this one talks only STARTTLS.

The result is that it will hung the SMTP session; since SMTP-S
initialise the SSL handshake directly after opening the socket; while
STARTTLS wait after the greetings dialog has been made (in plain text).
So basically, you'll try to talk SSL to a peer which expect plain text
input at first.

Regards,
Vincent.

Jeff


-- Dan
_______________________________________________
evolution maillist  -  evolution lists ximian com
http://lists.ximian.com/mailman/listinfo/evolution
-- 
Vincent Jaussaud
Kelkoo.com Security Manager 
email: tatooin kelkoo com

"Those who desire to give up freedom in order to gain security will not
have, nor do they deserve, either one."
    -- President Thomas Jefferson.    1743-1826





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]