Hello,
I've written a patch to force a SMTP connection to be encrypted.
Otherwise the program/user doesn't have control if the login data will
be sent unencrypted.
It would be great to see it in the official repository to share it with
others.
kind regards
Simon Ameis
--- "a/smtpsend-203.pas"
+++ "b/smtpsend.pas"
@@ -80,6 +80,7 @@ type
parent @link(TSynaClient) too!}
TSMTPSend = class(TSynaClient)
private
+ FForceEncryption: Boolean;
FSock: TTCPBlockSocket;
FResultCode: Integer;
FResultString: string;
@@ -209,6 +210,11 @@ type
SSL/TLS mode usualy using non-standard TCP port!}
property FullSSL: Boolean read FFullSSL Write FFullSSL;
+ {:Require encrypted communication. Fail if no encrypted connection
can be
+ established or if the unencrypted communication can't be upgraded
using
+ STARTTLS.}
+ property ForceEncryption: Boolean read FForceEncryption Write
FForceEncryption;
+
{:Socket object used for TCP/IP operation. Good for seting OnStatus
hook, etc.}
property Sock: TTCPBlockSocket read FSock;
end;
@@ -434,6 +440,15 @@ begin
begin
for n := 1 to FFullResult.Count - 1 do
FESMTPcap.Add(Copy(FFullResult[n], 5, Length(FFullResult[n]) - 4));
+ if ForceEncryption and (not FullSSL)
+ and AutoTLS and (FindCap('STARTTLS') = '') then
+ begin
+ // STARTTLS not supported but required
+ FResultString := 'Server doesnot support STARTTLS.';
+ Result := False;
+ Exit;
+ end;
+
if (not FullSSL) and FAutoTLS and (FindCap('STARTTLS') <> '') then
if StartTLS then
begin
diff --git
"a/C:\\Users\\simon\\AppData\\Local\\Temp\\TortoiseGit\\smt9202.tmp\\smtpsend-6c0d077-left.pas"
"b/C:\\Users\\simon\\Desktop\\synapse\\smtpsend.pas"
index e023a38..43e984d 100644
---
"a/C:\\Users\\simon\\AppData\\Local\\Temp\\TortoiseGit\\smt9202.tmp\\smtpsend-6c0d077-left.pas"
+++ "b/C:\\Users\\simon\\Desktop\\synapse\\smtpsend.pas"
@@ -80,6 +80,7 @@ type
parent @link(TSynaClient) too!}
TSMTPSend = class(TSynaClient)
private
+ FForceEncryption: Boolean;
FSock: TTCPBlockSocket;
FResultCode: Integer;
FResultString: string;
@@ -209,6 +210,11 @@ type
SSL/TLS mode usualy using non-standard TCP port!}
property FullSSL: Boolean read FFullSSL Write FFullSSL;
+ {:Require encrypted communication. Fail if no encrypted connection can be
+ established or if the unencrypted communication can't be upgraded using
+ STARTTLS.}
+ property ForceEncryption: Boolean read FForceEncryption Write
FForceEncryption;
+
{:Socket object used for TCP/IP operation. Good for seting OnStatus hook,
etc.}
property Sock: TTCPBlockSocket read FSock;
end;
@@ -434,6 +440,15 @@ begin
begin
for n := 1 to FFullResult.Count - 1 do
FESMTPcap.Add(Copy(FFullResult[n], 5, Length(FFullResult[n]) - 4));
+ if ForceEncryption and (not FullSSL)
+ and AutoTLS and (FindCap('STARTTLS') = '') then
+ begin
+ // STARTTLS not supported but required
+ FResultString := 'Server doesnot support STARTTLS.';
+ Result := False;
+ Exit;
+ end;
+
if (not FullSSL) and FAutoTLS and (FindCap('STARTTLS') <> '') then
if StartTLS then
begin
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public
