Gloss on the example of sending authenticated email, was Re: Fetchmail may almost be working in pop3.

To: debian-user@lists.debian.org
Subject: Gloss on the example of sending authenticated email, was Re: Fetchmail may almost be working in pop3.
From: David Wright <deblis@lionunicorn.co.uk>
Date: Sun, 12 Jul 2015 11:24:17 -0500
Message-id: <[🔎] 20150712162417.GC27629@alum>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20150712032451.GB15744@alum>
References: <[🔎] 20150711124349.2730F228D1@server1.shellworld.net> <[🔎] 20150711191228.GA11895@alum> <[🔎] 20150712032451.GB15744@alum>

I believe in learning by doing, so I posted an example that one can
actually do. However, private emails show that it's caused a little
confusion. To make it as easy as I could, I wrote the example using
the information posted by the OP, and using the OP's own placeholder,
SECRET, as the password. Obviously the OP would type their own password
in its place.

The first stage is to generate a base64 rendition of the username and
password. Let's do that:

$ echo -e -n '\0martin.m@suddenlink.net\0SECRET' | base64
AG1hcnRpbi5tQHN1ZGRlbmxpbmsubmV0AFNFQ1JFVA==

Rather than post that gobbledegook in my example, and have someone
type it in just as it stands, I replaced it with a self-describing
placeholder: aBase64stringIsEmitted=

The = sign also caused confusion. I guess most people aren't used to
seeing base64 before it's decoded: it always ends with zero through
two = characters, caused by padding the last chunk of plaintext to
encode it. It has nothing to do with the parameter=value syntax so
prevalent in scripting.

So, to re-present the example:

> --------
> $ echo -e -n '\0martin.m@suddenlink.net\0SECRET' | base64
> aBase64stringIsEmitted=                                  <--- printed by the computer
> $ openssl s_client -starttls smtp -crlf -connect smtp.suddenlink.net:587
> ehlo hostname
> auth plain aBase64stringIsEmitted=                       <--- put what was printed above
> mail from:martin.m@suddenlink.net
> rcpt to:<martin@shellworld.net>
> data
> subject: testing 587 with ehlo hostname...
>                                                          <--- the blank line between header and body
> text of message is any other info saying what parameters you used.
> .
> quit
> --------
> 
> Cut and paste this at the prompts, having put in your password on the
> first line, and copied the resulting base64 string after auth plain.

One last note; because this is normally machine-talk, the syntax of
echo -e -n '\0martin.m@suddenlink.net\0SECRET'
is completely rigid. -e makes \0 into NUL and -n avoids encoding a
spurious end-of-line character. printf '%b' '\0... is much the same.

Cheers,
David.

Reply to:

References:
- Re: Fetchmail may almost be working in pop3.
  - From: "Martin G. McCormick" <martin@server1.shellworld.net>
- Re: Fetchmail may almost be working in pop3.
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Fetchmail may almost be working in pop3.
  - From: David Wright <deblis@lionunicorn.co.uk>

Prev by Date: Mea culpa
Next by Date: Cron not working
Previous by thread: Re: Fetchmail may almost be working in pop3.
Next by thread: Re: Fetchmail may almost be working in pop3.
Index(es):
- Date
- Thread