Hi, David Wright wrote:
> > I can direct alpine unencrypted to port 30029 and see the same > > effect as with alpine's own encryption via "/ssl/" or "/tls/". > I'm sorry if I appear to be thick but I get very little sense from > "see the same effect as with alpine's own encryption". I can't be > certain what works and what fails when you express it like that. All three variations of alpine SMTP configuration which i tried do not work: smtp-server=mail.gmx.net/ssl/user=my_user...@gmx.net smtp-server=mail.gmx.net/tls/user=my_user...@gmx.net smtp-server=localhost:30029/user=my_user...@gmx.net The third one is using a stunnel process at port 30029 which encrypts the communication and forwards it to and from port 465 of mail.gmx.net. The effect is that i see indications of a beginning (E)SMTP dialog up to the prompt for a password. But the attempt to hand over the mail fails with alpine displaying the message "Bad sequence of commands". I assume it stems from the server. > 250 AUTH LOGIN PLAIN This is what i assume to be triggering the alpine passowrd prompt. So i believe that alpine gets that far with the server. > I can't start 587 as an encrypted connection: [...] > which appears normal. However, 465 seems to behave oddly: I understand 587 is for encryption being started inside the ESMTP dialog. There is a STARTTLS command: https://en.wikipedia.org/wiki/STARTTLS Port 465 is used by GMX for ESMTP which begins already encrypted. > $ openssl s_client -connect mail.gmx.net:465 > ... > 220 gmx.com (mrgmx001) Nemesis ESMTP Service ready > ehlo junk > ^C as it hung. > I would have expected a reply here, or to be thrown off. Must be something about the openssl run. I can reproduce it here but am too lazy to explore :)) Trying telnet via stunnel: $ telnet localhost 30029 Trying ::1... Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 gmx.com (mrgmx003) Nemesis ESMTP Service ready ehlo junk 250-gmx.com Hello junk [79.192.75.113] 250-SIZE 69920427 250 AUTH LOGIN PLAIN My own SMTP client does this dialog via stunnel: < 220 gmx.com (mrgmx103) Nemesis ESMTP Service ready > EHLO scdbackup.webframe.org < 250-gmx.com Hello scdbackup.webframe.org [79.192.75.113] < 250-SIZE 69920427 < 250 AUTH LOGIN PLAIN > MAIL FROM:<scdbac...@gmx.net> < 530 Authentication required > AUTH PLAIN < 334 > (secret text) < 235 Authentication succeeded > MAIL FROM:<scdbac...@gmx.net> < 250 Requested mail action okay, completed ... and sucessfully delivers the mail. > > Certificate problems look different. > > I can tell from running an 8 year old system in today's internet. > If you say so. I don't know how to interpret > verify error:num=19:self signed certificate in certificate chain > above. It did not prevent the connection and it is not what alpine is reporting to me. I see the cleartext of SMTP error 503. About the certification problems of openssl in particular i found: http://documentation.microfocus.com/help/topic/com.microfocus.eclipse.infocenter.edtest/HHSTSTCERT06.html I understand one has to declare the self-signed certificates to be trusted in order to silence the message. But how could a user judge trustworthiness of a certificate ? > BTW I assume the same problem as yours is reported at > http://www.linuxforums.org/forum/networking/203061-alpine-setup-ok-unable-send-email.html Yes. This is what i experience. Just that my troubles did not start in october 2014 but not before mid june of 2015. Up to then, the alpine of my Debian 6 machine could send mail via stunnel and the Nemesis of GMX. A few days before i got my new Debian 8.1 machine, alpine on Debian 6 stopped working. On the new machine it never worked. I downloaded alpine-2.20.tar.xz now, the newest version i could find. It might last a while until i get some insight. Have a nice day :) Thomas -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1876555491048612...@scdbackup.webframe.org