Re: alpine mail client with gmx.net as mail provider
Hi,
David Wright wrote:
> > I can direct alpine unencrypted to port 30029 and see the same
> > effect as with alpine's own encryption via "/ssl/" or "/tls/".
> I'm sorry if I appear to be thick but I get very little sense from
> "see the same effect as with alpine's own encryption". I can't be
> certain what works and what fails when you express it like that.
All three variations of alpine SMTP configuration which i tried
do not work:
smtp-server=mail.gmx.net/ssl/user=my_user_id@gmx.net
smtp-server=mail.gmx.net/tls/user=my_user_id@gmx.net
smtp-server=localhost:30029/user=my_user_id@gmx.net
The third one is using a stunnel process at port 30029 which
encrypts the communication and forwards it to and from
port 465 of mail.gmx.net.
The effect is that i see indications of a beginning (E)SMTP
dialog up to the prompt for a password. But the attempt to
hand over the mail fails with alpine displaying the message
"Bad sequence of commands". I assume it stems from the server.
> 250 AUTH LOGIN PLAIN
This is what i assume to be triggering the alpine passowrd
prompt. So i believe that alpine gets that far with the
server.
> I can't start 587 as an encrypted connection: [...]
> which appears normal. However, 465 seems to behave oddly:
I understand 587 is for encryption being started inside
the ESMTP dialog. There is a STARTTLS command:
https://en.wikipedia.org/wiki/STARTTLS
Port 465 is used by GMX for ESMTP which begins already encrypted.
> $ openssl s_client -connect mail.gmx.net:465
> ...
> 220 gmx.com (mrgmx001) Nemesis ESMTP Service ready
> ehlo junk
> ^C as it hung.
> I would have expected a reply here, or to be thrown off.
Must be something about the openssl run.
I can reproduce it here but am too lazy to explore :))
Trying telnet via stunnel:
$ telnet localhost 30029
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 gmx.com (mrgmx003) Nemesis ESMTP Service ready
ehlo junk
250-gmx.com Hello junk [79.192.75.113]
250-SIZE 69920427
250 AUTH LOGIN PLAIN
My own SMTP client does this dialog via stunnel:
< 220 gmx.com (mrgmx103) Nemesis ESMTP Service ready
> EHLO scdbackup.webframe.org
< 250-gmx.com Hello scdbackup.webframe.org [79.192.75.113]
< 250-SIZE 69920427
< 250 AUTH LOGIN PLAIN
> MAIL FROM:<scdbackup@gmx.net>
< 530 Authentication required
> AUTH PLAIN
< 334
> (secret text)
< 235 Authentication succeeded
> MAIL FROM:<scdbackup@gmx.net>
< 250 Requested mail action okay, completed
...
and sucessfully delivers the mail.
> > Certificate problems look different.
> > I can tell from running an 8 year old system in today's internet.
> If you say so. I don't know how to interpret
> verify error:num=19:self signed certificate in certificate chain
> above.
It did not prevent the connection and it is not what alpine
is reporting to me. I see the cleartext of SMTP error 503.
About the certification problems of openssl in particular
i found:
http://documentation.microfocus.com/help/topic/com.microfocus.eclipse.infocenter.edtest/HHSTSTCERT06.html
I understand one has to declare the self-signed certificates
to be trusted in order to silence the message. But how could
a user judge trustworthiness of a certificate ?
> BTW I assume the same problem as yours is reported at
> http://www.linuxforums.org/forum/networking/203061-alpine-setup-ok-unable-send-email.html
Yes. This is what i experience.
Just that my troubles did not start in october 2014 but
not before mid june of 2015. Up to then, the alpine of
my Debian 6 machine could send mail via stunnel and the
Nemesis of GMX.
A few days before i got my new Debian 8.1 machine, alpine
on Debian 6 stopped working. On the new machine it never
worked.
I downloaded alpine-2.20.tar.xz now, the newest version i
could find. It might last a while until i get some insight.
Have a nice day :)
Thomas
Reply to: