
Re: SMTP port specification



David, very interesting and helpful.

On Tue, Dec 04, 2012 at 05:37:19AM +0100, David Maus wrote:
> At Mon, 3 Dec 2012 14:35:48 -0500,
> 
> Is there a buffer called `*trace of SMTP session to …*` 

I didn't know it was there. It reads in its entirety:

  250-VRFY
  250-ETRN
  250-STARTTLS
  250-AUTH PLAIN LOGIN
  250-AUTH=PLAIN LOGIN
  250-ENHANCEDSTATUSCODES
  250-8BITMIME
  250 D

I get the feeling the last line should be "STARTTSL", and there was instead an 
unintelligible command which seems to have brought the negotiation to 
an abrupt halt.

But more interesting is the content of the *Messages* buffer. I got:

1 UTC', SHA-1 fingerprint `d23209ad23d314232174e40d7f9d62139786633a'
- The hostname in the certificate does NOT match
'mail.HistoricalMaterialism.info'

and in more detail:

  Loading 00debian-vars...done
  ...
  Loading /etc/emacs/site-start.d/50flim.el (source)...done
  ...
  Loading /etc/emacs/site-start.d/50latex-cjk-common.el (source)...
  Error while loading 50latex-cjk-common: Cannot open load file: cjk-enc
  ...
  Loading /etc/emacs/site-start.d/51semi.el (source)...done
  Loading /etc/emacs/site-start.d/65wl-beta.el (source)...done
  ...
  Initializing...
  Loading mail-mime-setup...done
  gnus-mime-setup is not found.
  emh-setup is not found.
  Updating addresses...done
  Checking environment...done
  Checking type of variables...done
  Initializing folder...done
  Inserting group Desktop...done
  Loading msgdb for +draft...done
  ...
  Saving...done
  Send current draft? (y or n)
  ...
  Exit MIME editor mode.
  Sending...
  Opening STARTTLS connection to `mail.HistoricalMaterialism.info:587'...done
  STARTTLS negotiation failed: SN

  STARTTLS

  220 2.0.0 Ready to start TLS

  *** Starting TLS handshake
  - Ephemeral Diffie-Hellman parameters
   - Using prime: 1024 bits
   - Secret key: 1023 bits
   - Peer's public key: 1022 bits
  - Certificate type: X.509
   - Got a certificate list of 4 certificates.
   - Certificate[0] info:
    - subject `serialNumber=55wuv7Hw3yCqHXG8DLnT-lJFxilwys/n,C=US,ST=California,L=Torrance,
	O=Omnis Network\, LLC,CN=*.omnis.com', 
	issuer `C=US,O=GeoTrust\, Inc.,	CN=GeoTrust SSL CA', 
	RSA key 2048 bits, signed using RSA...
   - Certificate[1] info: 
  ...
   - Certificate[3] info:
    - subject `C=US,O=Equifax,OU=Equifax Secure Certificate Authority', 
	issuer `C=US,O=Equifax,OU=Equifax Secure Certificate Authority', 
	RSA key 1024 bits, signed using RSA-SHA, activated `1998-08-22 16:41:51 UTC' ...
  - The hostname in the certificate does NOT match 'mail.HistoricalMaterialism.info'

  Entering debugger...

I don't understand why, if TLS has failed, negotiation then proceeds. 

In any case, there does seem to be an obvious problem at the end. The 
host certificate does not match the name of my mail server. However, 
the name of the server seems correct, for I use it all the time with 
exim. My exim configuration has:

  Hostname of outgoing smarthost: mail.HistoricalMaterialism.info::587

> The AUTH PLAIN contains the base64 encoded username and password, you
> can check what WL is actually sending by decoding the string with
> `base64-decode-string'.

Nice suggestion, but I don't know how to do it. I find that Emacs 
knows the command but I don't know how to run it on the hex string 
("No Match").

Haines
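
One way to apply `base64-decode-string` to the argument of an AUTH PLAIN command, as an added example that is not part of the original message. The function name `my-decode-auth-plain` is hypothetical and the sample string is constructed (user "alice", password "s3cret"), not taken from this thread.

```elisp
;; Added example, not code from the thread or from Wanderlust.
;; `base64-decode-string' is a Lisp function, not an interactive command,
;; so M-x cannot find it; it has to be called from a Lisp expression.

(defun my-decode-auth-plain (b64)
  "Decode B64, the base64 argument of an SMTP AUTH PLAIN command.
Return a plist (:authzid A :authcid U :password P).
RFC 4616 defines the decoded message as
  authzid NUL authcid NUL passwd
where authzid is usually empty."
  (let* ((raw (base64-decode-string b64))       ; unibyte string
         ;; SEPARATORS is given, so empty fields (an empty authzid)
         ;; are kept rather than dropped.
         (fields (mapcar (lambda (f) (decode-coding-string f 'utf-8))
                         (split-string raw "\0"))))
    (unless (= (length fields) 3)
      (error "Not an AUTH PLAIN message: got %d NUL-separated fields, expected 3"
             (length fields)))
    (list :authzid  (nth 0 fields)
          :authcid  (nth 1 fields)
          :password (nth 2 fields))))

;; Constructed sample, not a string from this thread:
(my-decode-auth-plain "AGFsaWNlAHMzY3JldA==")
```

Paste both forms into the `*scratch*` buffer and press `C-j` after each closing parenthesis to evaluate it and insert the result. Base64 is an encoding, not encryption, so an SMTP trace buffer that holds the AUTH PLAIN line holds the password in recoverable form.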