From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/66954 Path: news.gmane.org!not-for-mail From: reader@newsguy.com Newsgroups: gmane.emacs.gnus.general Subject: Re: [OT]sendmail ssl authentication Date: Fri, 16 May 2008 12:58:06 -0500 Organization: Still searching... Message-ID: <874p8y5dxt.fsf@newsguy.com> References: <87bq37aba8.fsf@newsguy.com> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1210960777 11747 80.91.229.12 (16 May 2008 17:59:37 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 16 May 2008 17:59:37 +0000 (UTC) To: ding@gnus.org Original-X-From: ding-owner+M15431@lists.math.uh.edu Fri May 16 20:00:14 2008 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by lo.gmane.org with esmtp (Exim 4.50) id 1Jx4Dz-0006jW-1p for ding-account@gmane.org; Fri, 16 May 2008 20:00:11 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1Jx4CO-0005ax-WE; Fri, 16 May 2008 12:58:33 -0500 Original-Received: from mx2.math.uh.edu ([129.7.128.33]) by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from ) id 1Jx4CN-0005ai-Jl for ding@lists.math.uh.edu; Fri, 16 May 2008 12:58:31 -0500 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx2.math.uh.edu with esmtp (Exim 4.67) (envelope-from ) id 1Jx4CH-0008W6-J3 for ding@lists.math.uh.edu; Fri, 16 May 2008 12:58:31 -0500 Original-Received: from main.gmane.org ([80.91.229.2] helo=ciao.gmane.org) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1Jx4CV-00016O-00 for ; Fri, 16 May 2008 19:58:39 +0200 Original-Received: from list by ciao.gmane.org with local (Exim 4.43) id 1Jx4CC-0001bz-Cg for ding@gnus.org; Fri, 16 May 2008 17:58:20 +0000 Original-Received: from c-67-162-73-42.hsd1.il.comcast.net ([67.162.73.42]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 16 May 2008 17:58:20 +0000 Original-Received: from reader by c-67-162-73-42.hsd1.il.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 16 May 2008 17:58:20 +0000 X-Injected-Via-Gmane: http://gmane.org/ Original-Lines: 82 Original-X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: c-67-162-73-42.hsd1.il.comcast.net User-Agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.2 (gnu/linux) Cancel-Lock: sha1:UosNhIdv3f6Ag8B8SPcOVZnGoSE= X-Spam-Score: -1.6 (-) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:66954 Archived-At: David writes: > reader@newsguy.com writes: >> Sending a message with `mail -v' and watching the smtp conversation I >> see my messages get to the comcast mail server, (posted separately) >> but there is no mention of any authentication problem only a >> `deferred' and then timeout. > > There is a great tool for testing SMTP connections called "swaks": > > http://www.jetmore.org/john/code/#swaks Yes nice >> In case anyone suggests it: I don't really want to side step and use >> the smtp.el package inside of gnus because I like for other mail tools >> like mailx to work too. > > OK. My next suggestion would then be to switch to Exim or > Postfix. They're usually easier to configure and many distributions have > scripts to create the configuration for you, based on some simple > settings (Exim on Debian, for example). I've used sendmail continuously for 7-8 yrs... and have been able to get it sorted out thru quite a few ISP changes and sendmail updates. I has been a chore at times... but I've found the others you mentioned not to be nearly as well documented as sendmail... although I quickly admit I am very much a lightweight in sendmail skills. [...] > See this thread for details and how to test with telnet/swaks what > you're dealing with: > > http://thread.gmane.org/gmane.emacs.help/52049 Yes, quite a lot of helpful info there >>Does anyone know what I need in sendmail setup to allow ssl >>authentication at my ISP smtp server? > > I'd suggest you better ask that question in a group dealing with > sendmail. Yes I was doing that simultaneously and have a discussion going with one of the heavy hitters on comp.mail.sendmail (Per Hedlund) Who so far has been telling me to make sure STARTTLS cannot be made to work some how before going the stunnel or some other ssl wrapper route. And it does appear there may be some hope since I see mention of STARTTLS in the output of swaks: reader > swaks --auth --tls-on-connect -p 465 -s smtp.comcast.net To: reader@jtan.com Username: My-uid Password: My-passwd === Trying smtp.comcast.net:465... === Connected to smtp.comcast.net. === TLS started w/ cipher DHE-RSA-AES256-SHA <~ 220 OMTA02.emeryville.ca.mail.comcast.net comcast ESMTP server ready ~> EHLO reader.local.lan <~ 250-OMTA02.emeryville.ca.mail.comcast.net hello [67.162.73.42], pleased to meet you <~ 250-HELP <~ 250-AUTH LOGIN PLAIN CRAM-MD5 <~ 250-SIZE 15728640 <~ 250-ENHANCEDSTATUSCODES <~ 250-8BITMIME <~ 250-STARTTLS <~ 250 OK ~> AUTH CRAM-MD5 <~ 334 PDI3MTExLjEyMTA5NTk0NzZAT01UQTAyLmVtZXJ5dmlsbGUuY2EubWFpbC5jb21jYXN0Lm5ldD4= ~> SGFycnlQdXRuYW0gY2VlMTBhOTJkMWQ0ZWYwZjUyMjg4NjQ0ZjdhMzM0NWE= <~ 235 2.7.0 ... authentication succeeded ~> MAIL FROM: <~* 550 5.1.0 sender rejected : invalid sender domain ~> QUIT It doesn't like my homemade domain name but that shouldn't happen with sendmail since I am masquerading as my pop server newsguy.com I guess the trick is getting sendmail to send whatever swak sends to that port.