Re: [Evolution] Evolution 1.4.5 SMTPS / STARTTLS question

[Vincent Jaussaud <tatooin kelkoo com>]

On Thu, 2003-11-13 at 16:35, Jeffrey Stedfast wrote:
> it doesn't lock it forever.
>
> anyways, maybe I can change it to try things differently if a port was
> specifically specified. but that won't really help if the port specified
> is not the smtp/s nor normal smtp port. since this same things will
> happen.
>
> I'd really like to know what mozilla and/or other clients that support
> both ways do. find that out for me and I'll hack something up.
Okay, here you go:

Evolution 1.4.5
        - SMTPS first
        - STARTTLS if SMTPS failed

Mozilla 1.4 
        - STARTTLS only

Outlook & Outlook Express 6
        - STARTTLS if port 25 entered
        - SMTPS if any other port entered

Kmail 1.5.1     
        - STARTTLS if selected SSL
        - SMTPS if selected TLS

I found out these using a sendmail daemon listening on port 25, doing
TLS and an stunnel process doing SMTPS, listening on port 465.

Hope this will help you to hack something up :)

Thanks
Regards,

> Jeff
>
> On Thu, 2003-11-13 at 06:07, Vincent Jaussaud wrote:
> > On Wed, 2003-11-12 at 18:55, Jeffrey Stedfast wrote:
> > > uh, that's exactly how it was explained that it would do.
> > Ok; sorry maybe I understood you wrongly.
> >
> > But still, you can't use this trick to force the use of STARTTLS first,
> > since talking SMTP-S over a STARTTLS channel will hung the SMTP session
> > forever, thus locking your outbox folder until you manually delete the
> > mail to be sent.
> >
> > I've just tried, and if I force the port number, my SMTP session hung
> > forever.
> >
> > Regards,
> > Vincent.
> >
> > > Jeff
> > >
> > > On Wed, 2003-11-12 at 12:18, Vincent Jaussaud wrote:
> > > > On Fri, 2003-11-07 at 17:37, Jeffrey Stedfast wrote:
> > > > > > Evolution lets you do this too... you could specify "servername:25" for
> > > > > > the hostname, although I'm not sure exactly how it will behave in this
> > > > > > case. It might try to first do SMTPS on port 25, fail, and then try
> > > > > > SMTP+STARTTLS.
> > > > >
> > > > > yea, I'm pretty sure that is how it would attempt to connect.
> > > > Nope; if you put the port number in; it'll try to negociate SMTP-S with
> > > > the remote MTA, over port 25, even if this one talks only STARTTLS.
> > > >
> > > > The result is that it will hung the SMTP session; since SMTP-S
> > > > initialise the SSL handshake directly after opening the socket; while
> > > > STARTTLS wait after the greetings dialog has been made (in plain text).
> > > > So basically, you'll try to talk SSL to a peer which expect plain text
> > > > input at first.
> > > >
> > > > Regards,
> > > > Vincent.
> > > >
> > > > > Jeff
> > > > >
> > > > > > -- Dan
> > > > > > _______________________________________________
> > > > > > evolution maillist  -  evolution lists ximian com
> > > > > > http://lists.ximian.com/mailman/listinfo/evolution
-- 
Vincent Jaussaud
Kelkoo.com Security Manager 
email: tatooin kelkoo com

"Those who desire to give up freedom in order to gain security will not
have, nor do they deserve, either one."
    -- President Thomas Jefferson.    1743-1826