Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Space is to place as eternity is to time. -- Joseph Joubert


computers / comp.mail.sendmail / Re: stateful handling of opportunistic STARTTLS

SubjectAuthor
* stateful handling of opportunistic STARTTLSThorsten Glaser
`* Re: stateful handling of opportunistic STARTTLSClaus Aßmann
 `- Re: stateful handling of opportunistic STARTTLSThorsten Glaser

1
stateful handling of opportunistic STARTTLS

<Pine.BSM.4.64L.2311120136540.21254@herc.mirbsd.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=864&group=comp.mail.sendmail#864

 copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: tg...@mirbsd.de (Thorsten Glaser)
Newsgroups: comp.mail.sendmail
Subject: stateful handling of opportunistic STARTTLS
Date: Sun, 12 Nov 2023 01:39:22 +0000
Organization: A noiseless patient Spider
Lines: 16
Message-ID: <Pine.BSM.4.64L.2311120136540.21254@herc.mirbsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=utf-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Injection-Info: dont-email.me; posting-host="e9f7d521c621a4f6101357cc23c8f551";
logging-data="3915304"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19ICAzs12g+9nio1Cx5uL5bbsVtPqjQmjc="
Cancel-Lock: sha1:5UexCtcmBU9SBy6o0DV0wuwIjbk=
X-X-Sender: tg@herc.mirbsd.org
Content-Language: de-DE-1901, en-GB
 by: Thorsten Glaser - Sun, 12 Nov 2023 01:39 UTC

Hi,

when using the default opportunistic STARTTLS on delivering (when the
contacted server has it, try it, else just ignore its absence), there
is one thing I miss from sendmail which Postfix has: the latter, when
STARTTLS fails (e.g. no shared cipher) it remembers that and on later
delivery attempts, it doesn’t try STARTTLS (I think per message).

Is there a way to teach sendmail to do that as well?

Thanks,
//mirabilos
--
(gnutls can also be used, but if you are compiling lynx for your own use,
there is no reason to consider using that package)
-- Thomas E. Dickey on the Lynx mailing list, about OpenSSL

Re: stateful handling of opportunistic STARTTLS

<uippu3$ttg$1@news.misty.com>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=865&group=comp.mail.sendmail#865

 copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!.POSTED.veps.esmtp.org!not-for-mail
From: INVALID_...@esmtp.org (Claus Aßmann)
Newsgroups: comp.mail.sendmail
Subject: Re: stateful handling of opportunistic STARTTLS
Date: Sun, 12 Nov 2023 01:04:51 -0500 (EST)
Organization: MGT Consulting
Sender: <ml+sendmail(-no-copies-please)@esmtp.org>
Message-ID: <uippu3$ttg$1@news.misty.com>
References: <Pine.BSM.4.64L.2311120136540.21254@herc.mirbsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 12 Nov 2023 06:04:51 -0000 (UTC)
Injection-Info: news.misty.com; posting-host="veps.esmtp.org:155.138.203.148";
logging-data="30640"; mail-complaints-to="abuse@misty.com"
Mail-Copies-To: never
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: ca@x2.esmtp.org (Claus Assmann)
 by: Claus Aßmann - Sun, 12 Nov 2023 06:04 UTC

Thorsten Glaser wrote:

> when using the default opportunistic STARTTLS on delivering (when the
> contacted server has it, try it, else just ignore its absence), there
> is one thing I miss from sendmail which Postfix has: the latter, when
> STARTTLS fails (e.g. no shared cipher) it remembers that and on later
> delivery attempts, it doesn’t try STARTTLS (I think per message).

Do you mean TLSFallbacktoClear?

8.16.1/8.16.1 2020/07/05
To automatically handle TLS interoperability problems for outgoing
mail, sendmail can now immediately try a connection again
without STARTTLS after a TLS handshake failure.
This can be configured globally via the option
TLSFallbacktoClear or per session via the 'C' flag
of tls_clt_features.

Or do you mean some "long term storage" about this problem? If the
latter: how long? Maybe the server problem is getting fixed so
you want to use STARTTLS after all?

--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

Re: stateful handling of opportunistic STARTTLS

<Pine.BSM.4.64L.2311122116470.4459@herc.mirbsd.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=868&group=comp.mail.sendmail#868

 copy link   Newsgroups: comp.mail.sendmail
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: tg...@mirbsd.de (Thorsten Glaser)
Newsgroups: comp.mail.sendmail
Subject: Re: stateful handling of opportunistic STARTTLS
Date: Sun, 12 Nov 2023 21:17:19 +0000
Organization: A noiseless patient Spider
Lines: 17
Message-ID: <Pine.BSM.4.64L.2311122116470.4459@herc.mirbsd.org>
References: <Pine.BSM.4.64L.2311120136540.21254@herc.mirbsd.org>
<uippu3$ttg$1@news.misty.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=utf-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Injection-Info: dont-email.me; posting-host="e9f7d521c621a4f6101357cc23c8f551";
logging-data="260874"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+JfBbcSkpqQRF10u/4yDx8tHOCzLtOK8Q="
Cancel-Lock: sha1:M47Oz1I6wO8ltq7wwdnm+248OR0=
Content-Language: de-DE-1901, en-GB
In-Reply-To: <uippu3$ttg$1@news.misty.com>
X-X-Sender: tg@herc.mirbsd.org
 by: Thorsten Glaser - Sun, 12 Nov 2023 21:17 UTC

Claus A�mann dixit:

>Do you mean TLSFallbacktoClear?
>
>8.16.1/8.16.1 2020/07/05

I think “yes, and I need to update my sendmail”.

Thank you!

bye,
//mirabilos
--
> Wish I had pine to hand :-( I'll give lynx a try, thanks.

Michael Schmitz on nntp://news.gmane.org/gmane.linux.debian.ports.68k
a.k.a. {news.gmane.org/nntp}#news.gmane.linux.debian.ports.68k in pine

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor