> how-to
You will have a pain fingerprint (or file) pinning Gmail
and many other service certs these days because they
change their end service cert sigs frequently via LetsEncrypt,
and Google even physically swaps out their entire service
certs while leaving their intermediates in place longer te
> The certificate issuer is unknown.
> may be due to the fact that I have recently upgraded my system.
Reinstall the root cert CA bundle from your OS vendor.
Make sure the system and msmtp can find them.
> When I use --tls-certcheck=off
> How insecure it
Very. Don't.
> tls_trust_file
> tls_fing
On Mon, Jun 11, 2018 at 1:58 PM, Martin Lambers via msmtp-users
wrote:
> I am currently think about moving msmtp away from SourceForge, most
> likely to a gitlab instance (but probably not on gitlab.com).
>
> While looking into what would need to be moved, I noticed that I did
> not receive mails
On Fri, Apr 20, 2018 at 6:21 AM, ilf wrote:
> In order to use an
> IP or onion as $host combined with $tls_trust_file, I would propose to add
> something like a $tls_hostname setting which we will be verified against the
> hostname in the certificate.
>
> This isn't completely new, f.e. unbound do
On Wed, Oct 18, 2017 at 10:13 AM, Ole Martin Svanekil
wrote:
> I'm using msmtp to send mail with multiple recipients.I have noticed that
> msmtp aborts when receiving a 550 from the mail server In this example the
> email address te...@mycompany.com does not exist
>
> My preferred behavior wou
msmtp does not do that, you must preconstruct the
attachment into the body of the messages you wish
to send, using the appropriate RFC's, or an MUA,
or some message composer / script / save to file.
--
Check out the vibran
The idea seems useful in general, especially on shared machines
that have not set up complicated uid based packet filtering... university
systems, work labs, shell accounts, hacker spaces?
What apps do you suggest are able writing to the domain socket
to send messages?
On 6/19/16, Se Kasi wrote:
> Does anyone see an easy and mail client independent way to implement a
> feature in msmtp to send emails only after a certain timestamp/date has been
> passed?
Just use at(1) under unix.
--
W
On Wed, Jan 27, 2016 at 2:44 AM, Martin Lambers wrote:
> On Tue, 26 Jan 2016 23:19:44 -0500, John Hudak wrote:
>> error:2D06C06E:FIPS routines:FIPS_module_mode_set:fingerprint does
>> not match
>
> Googling for the error message suggest that this might be an issue with
> OpenSSL/FIPS. I am not sur
On Sun, Jan 24, 2016 at 3:43 PM, John Hudak wrote:
> I installed msmtp on opensuse 13.2 using yast from the package repositiory.
> tls_trust_file /etc/ssl/certs/ca-certificates.crt
If that's suse's big global ca file, it may be old, inspect and try...
https://hg.mozilla.org/mozilla-central/raw-fi
This may be of interest...
-- Forwarded message --
From: Johnny Utahh
Date: Sun, Jul 12, 2015 at 6:30 PM
I welcome any feedback comparing mutt-kz with other Notmuch-based MUAs:
https://github.com/johnnyutahh/search-based-email#MUA_choice
Thanks, Johnny
_
First, try to focus, pick one problem in one mail direction,
figure that one out.
You spelled hampshire wrong all over.
There may be leading spaces in mail.txt.
Remember, email systems can inspect areas different ways...
three ways: username, envelope from, body from.
two ways: envelope to, body to
On Mon, Mar 9, 2015 at 5:28 AM, Martin Lambers wrote:
> routing. I once read that one should use SO_BINDTODEVICE if the packets
> should go out a specific network interface; is this what you want to
> do? If not, could you explain how binding to an IP address is useful;
Did not look close at all
On Fri, Feb 20, 2015 at 9:12 AM, G H wrote:
> Patch is attached to cause msmtp to bind to a source IP address before
> connecting to the remote endpoint. This is useful for source-based routing.
> Note that DNS lookups will still be going out your default interface; use a
> local dnsmasq or IPt
On Tue, Dec 2, 2014 at 5:04 PM, Martin Lambers wrote:
> I think we can do something simpler: just tell msmtp that it should not
> add missing Date/From headers. The user then has full control over the
> mail headers and can put anything in them. No need to even tell msmtp
> about it, since it shou
On Tue, Dec 2, 2014 at 11:26 AM, Matus UHLAR - fantomas
wrote:
>>> >- From: and Date: headers are now added to mails if necessary
>
>>On Tue, 2 Dec 2014 14:24:05 +0100, Matus UHLAR - fantomas wrote:
>>> btw, can this be turned off?
>>> I've been happily using msmtp as smtp client to check servers'
On Wed, Nov 12, 2014 at 2:16 AM, grarpamp wrote:
> Note rfc2822 was obsoleted for 5322, the current set for SMTP is below.
> https://tools.ietf.org/html/rfc5322
> Internet Message Format
> https://tools.ietf.org/html/rfc6854
> Update IMF to Allow Group Syntax in From: and
On Tue, Nov 18, 2014 at 3:10 PM, Martin Lambers wrote:
>> My only thought is that via some msmtp options it should be possible
>> to send NULL or literally arbitrary data for any/all elements [1] of
>> the transaction, even if for no other reason than testing the
>> behavior of your [own] SMTP ser
On Wed, Nov 12, 2014 at 1:20 AM, Martin Lambers wrote:
> Do you see problems with this approach? Are there alternative
> suggestions?
My only thought is that via some msmtp options it should be possible
to send NULL or literally arbitrary data for any/all elements [1] of the
transaction, even if
On Wed, Nov 5, 2014 at 11:13 AM, G H wrote:
> It would be nice to set the source interface (source IP) that msmtp binds to
> when establishing connections. This would be helpful when you are using
> source-based routing. For reference, this is a patch on how it is done in
> SSMTP: http://m.cr.u
Fails for me but mine is old 2.12.23 or so.
gnutls-cli --starttls mail.smart-cactus.org -p 587 -V -d 15 < /dev/null
Try the gnutls-cli-debug* utils. Check the system update log and/or
try compile by hand.
--
_
This might be because your server is asking for client
certs and supplying an [long] list of acceptable CA's. And your
msmtp may be linked to openssl libs which interprets
that. And msmtp appears to be considering something
therein an error instead of continuing with the session
as raw gnutls/opens
bad quote
msmtp.texi:555:@item --proxy-port=[@var{number}"
--
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take c
FYI torizens... these are in git on sourceforge, with it you can
skip torsocks and go direct socks5 to tor, and give you option
to compile statically without using torrouter. User/pass isn't yet
supported so IsolateSOCKSAuth won't work, it would be a small
patch for someone who likes to.
-
>> > Please test.
Rev 036380a works ok so far! :-) I static compiled. I haven't yet
tested pushing ipv6 through the socks5 server but will later.
When pointing libssl_CFLAGS -I and libssl_LIBS -L to some
elsewhere version, I have to also say '-lssl -lcrypto' in libssl_LIBS
too, otherwise undefine
>> http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
>
> Zero really is reserved, as mentioned on that list, and has been
> assigned some special meaning under certain circumstances, so it really
> is not valid for SMTP (or any other typical network service
On a midlife FreeBSD 8.x I get:
autoreconf-2.69: configure.ac: AM_GNU_GETTEXT is used, but not
AM_GNU_GETTEXT_VERSION
then later on:
Making all in po
Global:CHECK_MACRO_VERSION = test "$(GETTEXT_MACRO_VERSION)" = "0.18"
|| { echo "*** error: gettext infrastructure mismatch: using a
Makefile.in.i
Noticed the msmtp and mpop webpages
were small and static. They could be added
to git.
Would it be nuts to put the mail archives
there instead of as SF files? Not realtime,
but just whenever freq.
That would make git a sort of one stop
mirror/dev area.
---
On Thu, Oct 16, 2014 at 5:00 PM, Martin Lambers wrote:
> OK, I pushed the patch to the git repository, complete with new
> proxy_host and proxy_port commands and corresponding options, and
> documentation.
>
> Please test.
The docs don't say anything about which socks version is
actually supporte
On Tue, Oct 14, 2014 at 4:47 AM, Martin Lambers wrote:
> It is similar in functionality to your patch, but
> - improves error diagnostics for the proxy connection
> What do you think?
I like diags because they give user a clue on the
path to their own fix and reduces support.
---
On Tue, Oct 14, 2014 at 4:56 PM, grarpamp wrote:
> I think SOCKS5, with auth option, and with IPv6 support would be the
> minimum requirement, which also happens to cover most users needs.
Another small bit: The same types from which a user may choose as
their destination, it should be po
On Mon, Oct 13, 2014 at 4:29 PM, Martin Lambers wrote:
> 1. Is there any need for anything except SOCKS5? It has been around for
> ages, does anybody really still need SOCKS4?
Perhaps for the latter you mean tow two of "SOCKS4"
and/or "SOCKS4a".
Of all the apps I've used, if they only supported
On Tue, Oct 14, 2014 at 5:49 AM, Martin Lambers wrote:
> On Tue, 14 Oct 2014 10:48:32 +0200, ilf wrote:
>> The Tor Project recommends SOCKS 4a over SOCKS 5 against DNS leaks:
>> https://www.torproject.org/docs/faq#WarningsAboutSOCKSandDNSInformationLeaks
> Yes, but only if the SOCKS5 application
On Tue, Oct 7, 2014 at 4:28 PM, Martin Lambers wrote:
> On Tue, 7 Oct 2014 14:45:24 -0400, grarpamp wrote:
>> On Tue, Oct 7, 2014 at 1:28 PM, Ángel González
>> wrote:
>> > CustaiCo wrote:
>> >> Because of how cleanly seperated the network code is from th
My earlier thought was suggest maybe including something from
a group that is generally not known to produce said crap/cleanup
and had a universally compatible license. If that would work better?
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/socks.c?rev=HEAD
http://cvsweb.openbsd.org/cgi-
On Tue, Oct 7, 2014 at 7:46 AM, CustaiCo wrote:
> I have completed the work to add proxying to msmtp without any
> dependancy on any other library. Initially I was just linking against
> the proxychains code.
socks5 seems the most common, which this patch handles.
And proxy.c has socks4.
Though s
On Tue, Oct 7, 2014 at 1:28 PM, Ángel González wrote:
> CustaiCo wrote:
>> Because of how cleanly seperated the network code is from the rest of
>> the application, I'm fairly sure that there should be no leaks, unless
>> the ssl library decides to open it's own connections for no reason.
>
> Like
Amazing, can search history with mutt now, thx!
--
Slashdot TV. Videos for Nerds. Stuff that Matters.
http://pubads.g.doubleclick.net/gampad/clk?id=160591471&iu=/4140/ostg.clktrk
_
On Fri, Oct 3, 2014 at 5:04 PM, CustaiCo wrote:
> To just yank in somebody's code and bloat the code
> base with a bunch of proxy code seems pretty pointless.
Once you exec msmtp it's in there anyways. Guess I don't
see a problem with putting the little bit of socks5 in msmtp
directly. It's not l
On Sat, Oct 4, 2014 at 3:29 AM, Matus:
>>Is it necessary to invoke new dependencies on third party libraries?
>
> It's better than reinvent the wheel, risk new (security) bugs etc.
Socks5 code itself is very small. Reviewing a cut/paste
to spec from OpenBSD/nc or any other compatible inclusion
wou
On Fri, Oct 3, 2014 at 1:23 PM, CustaiCo wrote:
> I've written an patch that allows msmtp to use a socks
Good to see someone working on this.
Is it necessary to invoke new dependencies on third party libraries?
Especially one that hasn't been maintained since 2005?
What about simply including so
>> > I don't see a practical way to do that. Maybe this should be a
>> > feature request addressed at SourceForge.
In lieu of the below discovery, I was referring to the personal
copy most project members maintain locally.
>> http://sourceforge.net/p/forge/documentation/Mailing%20List%20Archives/
Give then sourceforge lists don't provide mbox importable
archives via pipermail and aren't really user friendly...
Can the list admin regularly concat into one mbox.xz the
list archives, say at least every six months, and put them
in the 'files' section for download? Thanks.
-
On Mon, Jul 14, 2014 at 7:09 AM, Matus UHLAR - fantomas
wrote:
> do you use separate chroot for each one application?
People use chroot as desired.
> so, in case of buggy library it's not enought o replace the library, but
> rebuild of msmtp is needed. congrats...
This is not news, nor a proble
On Sun, Jul 13, 2014 at 8:54 AM, Matus UHLAR - fantomas
wrote:
> What's the point of running msmtp within chroot ?
Security, compartmentalizing, lightweight VM/routing instances, etc.
Compile it static as well.
--
__
> If someone has an idea of what could cause it, I would be really interested.
> yesterday morning and the only thing that I did was a system update (I
Well, what was updated, did you restart everything required, and
what happens when you back it out.
> mai 01 09:36:07 host=smtp.desfontain.es tls
Thanks for msmtp.
--
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries. Buil
> Any help or suggestions?
Configure listens to CPP/LD FLAGS=-static but makefiles are
broken and set up intl and iconv as .so's.
Till that's fixed, just change them to .a's in the final gcc line.
msmtp_static: ELF 32-bit LSB executable, Intel 80386, version 1
(FreeBSD), statically linked, for Fre
> The CR is part of the SMTP conversion: each line must end with CR LF.
> So I would not say it's a bug, and in any case, it does not do any
> harm, does it?
No 'harm'. But every other unix style output I'm familiar with
terminates only with LF. So if you're trying to match the end of
line '$', we
There are a couple of buglike things in this version.
- Debug output with -d prints carriage returns at the
end of every line before the newline. Unless msmtp is
trying to emulate Microsoft MS-DOS, please remove them :)
- On FreeBSD 8.3 i386, ./configure --with-ssl=openssl says:
TLS/SSL support .
Thanks msmtp people for the work on msmtp!
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
w
> Yes, this is possible to some extent, but I'm not sure if we can really
> remove all traces of the original command line from the system
> records
Records (accounting, logs or otherwise) wouldn't be of much
concern, as those are usually restricted to uid 0 or the user
themselves, both presumably
Isn't it possible for the program to rewrite its
own argv0 and/or parameters that would show
up in ps/proc/etc when accessed by other uid's?
But that may be subject to determination by race.
So also, examine the -h and -H options used in pw here:
http://svnweb.freebsd.org/base/releng/9.0/usr.sbin/
> Have fun, and I hope someone else can test out the patch.
I don't know if, for example, fetchmail or fdm permit line comments, but
fetchmail does make use of quoting. There are cases where any number
of parameters may need to quote/escape things like quotes, spaces, #'s,
etc... because that data
> It works if you use their root certificate instead
> (AddTrustExternalCARoot.crt). PositiveSSLCA2.crt is just an
> intermediate certificate.
>
> This is confusing and should really be simpler. Does anyone have a
> good idea how we can simplify configuring a proper TLS/SSL setup?
>
> Currently the
sent to me private instead of list...
On Wed, May 2x, 2012 at xx:xx, user wrote:
Seems like msmtp having its own internal transparent SOCKS5 capability
would solve those issues. Right?
>>>
>>> Some of them sure!
>>
>> We hope most, if not all.
>
> Don't give up. I too want native SOCKS/
>> Yes, but I'm pretty sure that would break TLS since msmtp sees localhost as
>> CN
>> in its config and the cert CN says realsmtp.net.
> No, msmtp could be configured not to check ssl certs with
> tls_certcheck off
> option in .msmtprc
Ok, sure with that, but well the presumption is that secur
On Mon, May 21, 2012 at 3:10 PM, Leandro Noferini
wrote
>>> I use msmtp + socat and they works fine together with a tor relay.
>>
>> Those of you saying you're using socat to allow msmtp to speak to
>> a SOCKS server... can you post an example of your invocation/config?
>
> socat -d -d -d -lu TCP4
>>> or are you thinking of a shell script using socat?
>> Socat does not provde a SOCKS server, only a client, so it can't
>> be used. I mentioned it only as an example of an interesting shim-like
>> tool that might be out there. Not as one that could be used in this
>> case.
> I use msmtp + socat
> jaro...@dyne.org says:
> I'm very interested in this,
Hi :) I think the motivation is to make the use of SOCKS with msmtp
simple. Which generally means SOCKS being added to msmtp itself.
Certainly not only for Tor, but also for biz, edu, and gov firewalls
as well. Lots of good use cases there t
>> > It still says ssmtp on my
>> > system, though smtps seems to be accepted as an alias.
>>
>> Here's mine, which does not recognize ssmtp...
>>
>> http://svnweb.freebsd.org/base/releng/9.0/etc/services?view=markup
>
> OK, that's a good reason to switch to the new name. Patch is pushed.
Cool.
>
>> Think of replace string 'ssmtp' with the correct IANA standard of
>> 'smtps'.
>
> "ssmtp" refers to the /etc/services entry.
I know. I listed the canonical IANA source for everyone's /etc/services
rather than post mine too, it's more 'mine' agnostic that way, can't
argue with the source, only w
One list subscriber, who shall remain anonymous, said in reply...
> "If you want to use Tor, just wrap torsocks around it. Works like a charm."
Bastardizing library calls with LD_PRELOAD only works
with dynamically compiled binaries. When your msmtp
or other app is statically compiled, it's useles
Think of replace string 'ssmtp' with the correct IANA standard of 'smtps'.
Add reference to working with submission (port 587) should be made
somewhere too :)
http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml
./ChangeLog:- Use getservbyname() to get the de
Hey all! Been using msmtp for a while, pretty cool :)
Now I'm in a new situation where having an option
to send ALL of msmtp's traffic via a SOCKSv5 server
would be immensely useful.
I check and grep entire source code for 'socks'
insensitive and there was no result :(
So I guess this is a forma
65 matches
Mail list logo
