Quoting Thomas Schmitt (scdbac...@gmx.net): > David Wright wrote: > > > > I can direct alpine unencrypted to port 30029 and see the same > > > effect as with alpine's own encryption via "/ssl/" or "/tls/". > > > I'm sorry if I appear to be thick but I get very little sense from > > "see the same effect as with alpine's own encryption". I can't be > > certain what works and what fails when you express it like that. > > All three variations of alpine SMTP configuration which i tried > do not work: > > smtp-server=mail.gmx.net/ssl/user=my_user...@gmx.net > smtp-server=mail.gmx.net/tls/user=my_user...@gmx.net
OK. It would be nice to know which port numbers alpine is trying to use. I've always found it pays to specify them explicitly and, when things don't work (like in a motel), try other alternatives. 25, 465, 785, 2525, 25025 etc. > smtp-server=localhost:30029/user=my_user...@gmx.net > > The third one is using a stunnel process at port 30029 which > encrypts the communication and forwards it to and from > port 465 of mail.gmx.net. So AIUI alpine is sending and receiving plaintext and your stunnel does the encryption. And this stopped working 2015 mid-June. Not having tried mail.gmx.net:465 myself before a few hours ago, I don't know whether the fact that it hangs is something that started happening in mid-June (for everyone). Were I a user of mail.gmx.net, I would ask them. > The effect is that i see indications of a beginning (E)SMTP > dialog up to the prompt for a password. But the attempt to > hand over the mail fails with alpine displaying the message > "Bad sequence of commands". I assume it stems from the server. > > > 250 AUTH LOGIN PLAIN > > This is what i assume to be triggering the alpine passowrd > prompt. So i believe that alpine gets that far with the > server. > > > > I can't start 587 as an encrypted connection: [...] > > which appears normal. However, 465 seems to behave oddly: > > I understand 587 is for encryption being started inside > the ESMTP dialog. There is a STARTTLS command: > https://en.wikipedia.org/wiki/STARTTLS > > Port 465 is used by GMX for ESMTP which begins already encrypted. > > > > $ openssl s_client -connect mail.gmx.net:465 > > ... > > 220 gmx.com (mrgmx001) Nemesis ESMTP Service ready > > ehlo junk > > ^C as it hung. > > I would have expected a reply here, or to be thrown off. > > Must be something about the openssl run. > I can reproduce it here but am too lazy to explore :)) Well I tried again from another machine and managed to provoke some life into it, but the responses weren't what I expected. Only two commands did anything: it: 220 gmx.com (mrgmx101) Nemesis ESMTP Service ready me: noop me: NOOP me: quit me: QUIT it: DONE $ and it: 220 gmx.com (mrgmx101) Nemesis ESMTP Service ready me: rset me: RSET it: RENEGOTIATING it: 3073837208:error:14094153:SSL routines:SSL3_READ_BYTES:no renegotiation:s3_pkt.c:1247: $ so case is sensitive. I can't reconcile it with rfc5321. > Trying telnet via stunnel: > > $ telnet localhost 30029 > Trying ::1... > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 gmx.com (mrgmx003) Nemesis ESMTP Service ready > ehlo junk > 250-gmx.com Hello junk [79.192.75.113] > 250-SIZE 69920427 > 250 AUTH LOGIN PLAIN > > My own SMTP client does this dialog via stunnel: > > < 220 gmx.com (mrgmx103) Nemesis ESMTP Service ready > > EHLO scdbackup.webframe.org > < 250-gmx.com Hello scdbackup.webframe.org [79.192.75.113] > < 250-SIZE 69920427 > < 250 AUTH LOGIN PLAIN > > MAIL FROM:<scdbac...@gmx.net> > < 530 Authentication required > > AUTH PLAIN > < 334 > > (secret text) > < 235 Authentication succeeded > > MAIL FROM:<scdbac...@gmx.net> > < 250 Requested mail action okay, completed > ... > > and sucessfully delivers the mail. Fair enough. I don't wait for 530 but authenticate straight away, and ditto 334. But I can't get any response from ehlo or EHLO, so I give up. To summarise, I don't use alpine myself, you can't show any logs, and the server doesn't behave the same for you and me. Or, at least, I've used openssl s_client -connect mail.gmx.net:465 and I don't get the results that your stunnel (which I know nothing about) is providing above. > Just that my troubles did not start in october 2014 but > not before mid june of 2015. Up to then, the alpine of > my Debian 6 machine could send mail via stunnel and the > Nemesis of GMX. > A few days before i got my new Debian 8.1 machine, alpine > on Debian 6 stopped working. On the new machine it never > worked. > > I downloaded alpine-2.20.tar.xz now, the newest version i > could find. It might last a while until i get some insight. Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150727184656.GB12183@alum
