Hi, i wrote: > > I get a connection to the SMTP server directly by this line > > in ~/.pinerc: > > smtp-server=mail.gmx.net/ssl/user=my_user...@gmx.net
David Wright wrote: > I assume that you're telling me that this does not work, right? Yes. It connects, alpine asks for the SMTP password, and then it reports the error text which i assume is from SMTP error 503 issued by the server. > > The stunnel port works fine with my own SMTP client > I'm not certain what you mean by your own "SMTP client". A while ago i had to make a program which uses TCP/IP to connect to a server and performs an SMTP dialog to hand over mail headers and a mail body. During the years it learned some ESMTP because gmx.net more and more drifted away from plain RFC 821. So i know one working sequence of SMTP commands and use it to send this mail. > How do I know what's doing > any encryption that *might* be done in this case. You don't > appear to have told alpine to do any. My own SMTP client uses the program stunnel for the encryption. Config file: client=yes foreground=yes debug=5 pid= sslVersion=all [gmx_smtp] accept=30029 connect=mail.gmx.net:465 My client connects to port 30029 and stunnel connects to gmx.net. I can direct alpine unencrypted to port 30029 and see the same effect as with alpine's own encryption via "/ssl/" or "/tls/". So alpine's encryption seems ok, because there happens an SMTP dialog between alpine and gmx.de. > I don't see anything on this website about alpine, only pine. alpine is pine's official rewrite. http://www.washington.edu/alpine/overview/story.html GMX published: > 'Wenn Ihr Programm die Verschlüsselungsprotokolle SSL und StartTLS > nicht ausdrücklich anbietet, genügt es oft auch, einfach eine > "verschlüsselte" Verbindung zu aktivieren. Das Protokoll wird in > diesem Fall automatisch ausgewählt.' Translation: If your your program does not explicitly offer the encryption protocols SSL and StartTLS, it often suffices to simply activate an "encrypted" connection. The protocol will be chosen automatically in this case. > It seems to suggest some sort of fallback, but how it works I don't know. They obviously refer to any mail client which offers encryption in some of its menus. > You probably know a lot more about alpine Rather not. I always used pine but never dived into its entrails. > http://www.washington.edu/alpine/tech-notes/config-notes.html > "If the attempt to use TLS fails then this parameter > will cause the connection to fail instead of falling back to an > unsecure connection." > Doesn't the last sentence explain what is happening to your > connection? It does not predict SMTP error 503 which is about protocol problems, not connection or encryption. Further the experiment with alpine and stunnel shows no difference in behavior. stunnel itself works fine with gmx.de. > Have you tried using mail.gmx.net:465/tls/user=th.schm...@gmx.net 465 would be the wrong port, i assume. Well, i now tried. alpine waits a while and then reports: [Error sending: Connection failed to mail.gmx.net,465: Connection timed out] This happens before i get asked by alpine for the password, which it probably does when the server replies to an early SMTP command by error 530 "Authentication required". > Mind you, I'm not convinced you'll have any joy but I'd be interested > to know. It looked to me as if it wants to see a certificate to let > you connect, and I see no provision in alpine for that either. (Only > for signing emails etc.) Certificate problems look different. I can tell from running an 8 year old system in today's internet. > So I still think you need to turn on the logging. If i only could find some option for that in alpine or stunnel. Packet sniffers won't help because of encryption. Still riddling with the obscure /dev/sr1 auto-pull-in, i did not yet get to looking for alpine's source code. Have a nice day :) Thomas -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/28188554755685818...@scdbackup.webframe.org
