On Tuesday, 23 January 2024 04:21:13 GMT Walter Dnes wrote:

>   The message from my ISP about port 587 said...
> 
> >> It has to be set with SSL, without any authentication.

Since gnutls is playing up with mutt, you can try setting USE="-gnutls" and 
re-emerge mutt to see if it succeeds in establishing a connection.


>   Does SSL help privacy at all?  

Yes.  Data transferred between client and server will be encrypted.

Secure Socket Layer (SSL) as it was and its evolved successor Transport Layer 
Security (TLS) are cryptographic protocols used to encrypt and authenticate 
data transferred between servers and applications.  The concept of TLS and use 
of TLS certificates is to ensure clients know (can verify) the server they are 
connecting with is hosted on the intended domain and data transferred back and 
forth has not been tampered with.  In addition, encryption of the transport 
layer allows encapsulated data between client and server to remain private.

Client authentication credentials transferred between two parties over TLS 
ensure only legitimate users are allowed to access their data on the server.  
Server authentication verifies the legitimacy of the user usually by means of 
a username and password, although client TLS certificates, tokens and whatnot 
can be used for the same purpose.  The client's IP address can be used as an 
additional verification check, but this is usually implemented between static 
network endpoints between machines - e.g. VPN between HQ and satellite 
offices.

User authentication based on the mail client's IP address only is a weak 
verification mechanism, both because of the potential for IP address spoofing 
by malicious actors and because the user may want to retain their privacy from 
other hosts who happen to share the same IP address.


>   BTW, if mutt does *ANY* external
> communication it seems to require the "ssl" USE flag.  Trying...
> 
> USE="-ssl" emerge -pv mutt
> 
> ...on my system dies with...
> 
>   The following REQUIRED_USE flag constraints are unsatisfied:
>     imap? ( ssl ) pop? ( ssl ) smtp? ( ssl )

The SSL flag on mutt ensures the package is compiled with TLS support:

$ euse -i ssl
global use flags (searching: ssl)
************************************************************
[+  D   ] ssl - Add support for SSL/TLS connections (Secure Socket Layer / Transport Layer Security)
[snip ...]

This is because TLS is ubiquitous today across web site and email server 
implementations.  The WWW days of innocence are long gone, if they ever really 
existed. 


> 
>   This message coming to you via port 587

Port 587 is used for message submission as per RFC 6409, using ESMTP, but an 
encrypted connection is optional and a matter of server implementation.  
Depending on how the mail server has been configured, TLS encryption may be 
implemented or indeed required on any port conventionally used to send 
messages (25, 465, 587, 2525).

Attachment: signature.asc
Description: This is a digitally signed message part.
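
Added example, not part of the original message: since encryption and authentication on port 587 depend on the server's configuration, this sketch reads what a submission server advertises in its EHLO replies before and after STARTTLS and flags cleartext sessions, AUTH offered before TLS, and the "TLS without authentication" setup discussed above. The host name and sample replies are constructed, and the function names are this example's own.

```python
import smtplib
import ssl

def parse_ehlo(reply):
    """Parse a raw multi-line 250 EHLO reply (RFC 5321) into {keyword: params}."""
    features = {}
    for line in reply.strip().splitlines()[1:]:   # line 1 is the greeting
        if line[:3] != "250" or line[3:4] not in ("-", " "):
            raise ValueError(f"unexpected EHLO line: {line!r}")
        # Legacy servers also send "AUTH=PLAIN LOGIN"; treat it like "AUTH".
        keyword, _, params = line[4:].replace("=", " ", 1).partition(" ")
        features[keyword.lower()] = params.strip()
    return features

def assess(pre_tls, post_tls=None):
    """Return findings for the features seen before and after STARTTLS."""
    findings = []
    if "starttls" not in pre_tls:
        findings.append("no STARTTLS: the session stays in cleartext")
    if "auth" in pre_tls:
        findings.append("AUTH offered before TLS: credentials may cross in cleartext")
    if post_tls is not None and "auth" not in post_tls:
        findings.append("no AUTH after TLS: the server cannot check a username and password")
    return findings

def probe(host, port=587):
    """Live check; the certificate is verified against the system CA store."""
    with smtplib.SMTP(host, port, timeout=10) as smtp:
        smtp.ehlo()
        pre = dict(smtp.esmtp_features)
        if "starttls" not in pre:
            return assess(pre)
        smtp.starttls(context=ssl.create_default_context())
        smtp.ehlo()   # features are reset by STARTTLS and must be re-read
        return assess(pre, dict(smtp.esmtp_features))

# Constructed sample replies (not captured from any real server).
CLEARTEXT_ONLY = "250-mail.example.net\n250-SIZE 35882577\n250 AUTH PLAIN LOGIN"
BEFORE_TLS = "250-mail.example.net\n250-SIZE 35882577\n250 STARTTLS"
AFTER_TLS_NO_AUTH = "250-mail.example.net\n250 SIZE 35882577"
AFTER_TLS_AUTH = "250-mail.example.net\n250-SIZE 35882577\n250 AUTH=PLAIN LOGIN"

if __name__ == "__main__":
    cases = [(CLEARTEXT_ONLY, None), (BEFORE_TLS, AFTER_TLS_NO_AUTH),
             (BEFORE_TLS, AFTER_TLS_AUTH)]
    for pre, post in cases:
        print(assess(parse_ehlo(pre), parse_ehlo(post) if post else None))
```

probe() applies the same checks to a live server you operate or use; it is not called when the file is run directly.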
