[9fans] ssmtp

[9fans] ssmtp

[onyx.peridot]

[Moderator's note:  Use of port 465 (ssmtp) is supposedly obsolete
 although many clients still use it.  The "official" way to do this
 is to use port 587 (msa) as described in RFC2476.]

Hi 9fans,

Is there any easy way to configure upas/smtp to use port 465 (ssmtp)
for authenticated smtp ?  Or does it require modification of the
source code of upas/smtp ?  I would like to get ssmtp working because
I don't have a fixed IP for my 9p server at home, and my ISP blocks
all smtp traffic except packets going through their smtp server, which
is very insecure and unreliable.

However, the smtp server in my office is secured and allows TLS via
port 25 and ssmtp via port 465.  I have already spent 2 days trying to
make it work, but to no avail.  I used snoopy to dump all the tcp
traffic and it seems that upas/smtp does not talk over port 465
regardless of what configuration I used.  Of course, I might have made
some errors, and that is why I pose my first question.

Re: [9fans] ssmtp

[Steve Simon]

> Is there any easy way to configure upas/smtp to use port 465 (ssmtp)
> for authenticated smtp ?

If you just refer to your smtp realy as net!smtp.your-relay.dom!ssmtp then it will use
port 456 - grep for 456 in /lib/ndb/common to see where this magic comes from.

There is only support for a limited subset of auth methods, plain and login I believe
but this should be enough - they are insecure on a clear link but over TLS its fine.

you will need to save the tls thumbprint for your relay, the first time you use it
this will be logged in /sys/log/smtp.fail (I think, one of the email related log
files anyway), and you can then cut and paste this into /sys/lib/tls/smtp, eg:

	x509 sha1=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

-Steve