Re: [Nmh-workers] extending nmh for smtps support?

From: Jerry Heyman
Subject: Re: [Nmh-workers] extending nmh for smtps support?
Date: Fri, 12 Nov 2010 23:30:31 -0500

On Fri, 12 Nov 2010 21:42:43 -0500, Ken Hornstein <address@hidden> wrote:

>>Recently I've changed my Internet connection from DSL to UVerse (both 
>>managed by AT&T), but with UVerse I now have to deal with yahoo.com's 
>>mail service.  They require the use of port 465 (smtps) and MAIL-AUTH.
> I think your terminology doesn't quite match what I'm used to (and what
> the RFCs specify).
> If by MAIL-AUTH you mean SMTP AUTH, defined by RFC 4954, then nmh already
> has supported that for a decade.

Yes, you are correct.

> If by "smtps" you mean "SMTP with TLS", then no, we don't support that yet.
> People have talked about it, but no one has written the code.  There are
> two general approaches: doing a TLS negotiation at connection start (which
> I guess is what happens on port 465, although that is not a standardized
> port; that port is reserved for a Cisco protocol called "urd"), and
> doing a "STARTTLS" command as part of the SMTP exchange.  We should be
> doing the latter.

I also left out that I was using 'stunnel' to map the local port to the remote
port on the yahoo.com server.

I see that at http://www.iana.org/assignments/port-numbers, port 465 is called
"urd", but on my Mandriva 2009.1 Linux system I see:

address@hidden smtp]$ grep 465 /etc/services
smtps           465/tcp                         # SMTP over SSL (TLS)

I apologize for my ignorance, I actually thought that the info in my local
/etc/services would be accurate, especially as AT&T called it the same thing.

>>I started working my way through the code, taking advantage of the sylpheed
>>email GUI program I use for hints.  It was slow going as I tried to keep the
>>code in the same style.  I got to the point where I was going to have to 
>>suck in a bunch of base64 encoding/decoding code when I stopped as this was
>>no longer going to be a quick fix.
> I was not aware you needed a base64 encoder for TLS; are you sure you're
> not talking about the SASL support defined by RFC 4954?  Because we do
> have base64 encoding/decoding as part of that (also as part of the MIME
> support, of course).

After the EHLO response, I used the base64 command to decode the prompts
for userid and password.  My reading of sylpheed code, and watching the
generated log file showed that it was then creating a single string that

AUTH PLAIN userid\0password

where userid\0password were base64 encoded

>>The question that's still out there is whether or not nmh should support 
>>smtps.  If so, I'm more than willing to go back into the code and work
>>on it.  Would this be of interest?  What kind of schedule are we looking
>>at for nmh 1.4 (so I can gauge my time/commitment)?
> There is definitely interest in TLS support, and I think it would
> be perfectly appropriate for nmh to support it.  I don't think
> anyone has proposed a release schedule for 1.4; someone did suggest
> calling it 2.0.
> --Ken

       //  Jerry Heyman           | "Congress does not draw to its halls
      //   Amiga Forever :-)      | those who love liberty, it draws those
  \\ //    heymanj at acm dot org | who love power." Judge Andrew Napolitano
   \X/     http://www.hobbeshollow.com
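
The AUTH PLAIN exchange discussed in this message, as an added example (not part of the original e-mail, and not nmh or sylpheed code). It builds the line in the RFC 4616 layout (authzid NUL authcid NUL passwd, empty authzid) and then decodes it again, showing that base64 gives no confidentiality without the TLS layer the thread is about; the function names and the "test"/"test" credentials used to exercise it are constructed for illustration.

```c
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Build "AUTH PLAIN <base64>". RFC 4616 message: authzid NUL authcid NUL
 * passwd, with authzid left empty. Returns 0, or -1 if it does not fit. */
int auth_plain_line(const char *user, const char *pass, char *out, size_t cap)
{
    unsigned char m[256] = {0};   /* zero fill supplies both NULs and padding */
    size_t ul = strlen(user), pl = strlen(pass), n = ul + pl + 2, i, o = 11;
    if (n > sizeof m - 2 || 12 + 4 * ((n + 2) / 3) > cap) return -1;
    memcpy(m + 1, user, ul);
    memcpy(m + 2 + ul, pass, pl);
    memcpy(out, "AUTH PLAIN ", 11);
    for (i = 0; i < n; i += 3) {
        unsigned long v = ((unsigned long)m[i] << 16) | (m[i + 1] << 8) | m[i + 2];
        out[o++] = B64[(v >> 18) & 63];
        out[o++] = B64[(v >> 12) & 63];
        out[o++] = (i + 1 < n) ? B64[(v >> 6) & 63] : '=';
        out[o++] = (i + 2 < n) ? B64[v & 63] : '=';
    }
    out[o] = '\0';
    return 0;
}

/* Observer's view of a cleartext AUTH PLAIN line; user/pass: 256 bytes each. */
int recover_credentials(const char *line, char *user, char *pass)
{
    unsigned char m[256];
    unsigned long v = 0, bits = 0;
    size_t n = 0, a, b;
    if (strncmp(line, "AUTH PLAIN ", 11) != 0) return -1;
    for (line += 11; *line && *line != '='; line++) {
        const char *p = strchr(B64, *line);
        if (!p || n >= sizeof m - 1) return -1;
        v = (v << 6) | (unsigned long)(p - B64);
        bits += 6;
        if (bits >= 8) { bits -= 8; m[n++] = (unsigned char)(v >> bits); }
    }
    m[n] = '\0';                            /* sentinel keeps strlen in bounds */
    a = strlen((char *)m);                  /* first NUL: end of authzid */
    if (a >= n) return -1;
    b = a + 1 + strlen((char *)m + a + 1);  /* second NUL: end of authcid */
    if (b >= n) return -1;
    strcpy(user, (char *)m + a + 1);
    strcpy(pass, (char *)m + b + 1);
    return 0;
}
```
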
