[racket] (smtp-send-message ...) with #:tls-encode

From: Greg Hendershott (greghendershott at gmail.com)
Date: Wed Mar 9 12:04:38 EST 2011

It looks like Gmail supports the port 587 STARTTLS approach exactly
the same as does hosted Exchange (Gmail also supports connecting using
SSL on port 465).

So you can use the same approach (port 587 STARTTLS) testing against
both servers:

(smtp-send-message
  server ; "smtp.gmail.com" or "smtp.mail.microsoftonline.com"
  from
  to
  header
  body
  #:port-no 587
  #:auth-user "name"
  #:auth-passwd "passwd"
  #:tcp-connect tcp-connect ; the default value; do NOT supply `ssl-connect'.
  #:tls-encode ports->ssl-ports
)

For me that works with both smtp.gmail.com and smtp.mail.microsoftonline.com.

Again this won't work with the smtp-send-message provided by net/smtp.
You need to modify it to handle STARTTLS as I showed before.

I hope this helps!

On Wed, Mar 9, 2011 at 8:39 AM, Stephen De Gabrielle
<stephen.degabrielle at acm.org> wrote:
> I *am* trying to connect to an exchange server, I just used gmail as an
> acceptable public target.
>
> I'll try again, though I suspect a proxy server is the problem. I
> can't tell because the server response is truncated. :(
>
> Thanks again,
>
> Stephen
>
> On Wednesday, March 9, 2011, Greg Hendershott <greghendershott at gmail.com> wrote:
>> If you're wanting to connect to Exchange Server as e.g. hosted by
>> Microsoft i.e. smtp.mail.microsoftonline.com, then it requires you to
>> connect on port 587 (not encrypted), then issue STARTTLS to switch to
>> encryption, then do AUTH LOGIN. (AUTH PLAIN won't work, ergo my mod of
>> net/smtp's smtp-send-message.)
>>
>> With such modified smtp-send-message, you want to pass it:
>>
>> 587 for port-no
>> the default tcp-connect for #:tcp-connect
>> ports->ssl-ports for #:tls-encode
>> a valid user and pwd on that Exchange Server, for #:auth-user and #:auth-passwd.
>>
>> This means connect to port 587 using normal tcp-connect unencrypted,
>> then use STARTTLS and ports->ssl-ports to switch over to TLS, then
>> authorize using the name and password.
>>
>> This should work.
>>
>> On Tue, Mar 8, 2011 at 3:20 AM, Stephen De Gabrielle
>> <spdegabrielle at gmail.com> wrote:
>>> Thanks Greg,
>>>
>>> I'll test your patch against the Exchange server I'm wanting to connect to.
>>> S.
>>>
>>> On Mon, Mar 7, 2011 at 9:20 PM, Greg Hendershott <greghendershott at gmail.com>
>>> wrote:
>>>>
>>>> > Does anyone have an example of using #:tls-encode (net/smtp)?
>>>>
>>>> No, in fact I'm seeing it fail today with an SMTP server that requires
>>>> TLS on port 587.
>>>>
>>>> The reason seems to be that the server is expecting AUTH LOGIN whereas
>>>> net/smtp only does AUTH PLAIN.
>>>>
>>>> I was able to get it to work (with this particular server) by making a
>>>> local copy of smtp-send-message from net/smtp-unit.rkt and modifying
>>>> lines 96-103:
>>>>
>>>>    (when auth-user
>>>>      (log "auth\n")
>>>>      (fprintf w "AUTH PLAIN ~a"
>>>>               ;; Encoding adds CRLF
>>>>               (base64-encode
>>>>                (string->bytes/latin-1
>>>>                 (format "~a\0~a\0~a" auth-user auth-user auth-passwd))))
>>>>      (check-reply r 235 w))
>>>>
>>>> to be this instead:
>>>>
>>>>    (when auth-user
>>>>      (if tls-encode
>>>>          (begin
>>>>            (log "auth login\n")
>>>>            (fprintf w "AUTH LOGIN\r\n")
>>>>            (check-reply r 334 w)
>>>>            (fprintf w "~a"             ;encoding adds CRLF
>>>>                     (base64-encode
>>>>                      (string->bytes/latin-1 auth-user)))
>>>>            (check-reply r 334 w)
>>>>            (fprintf w "~a"             ;encoding adds CRLF
>>>>                     (base64-encode
>>>>                      (string->bytes/latin-1 auth-passwd)))
>>>>            (check-reply r 235 w))
>>>>          (begin
>>>>            (log "auth plain\n")
>>>>            (fprintf w "AUTH PLAIN ~a" ;encoding adds CRLF
>>>>                     (base64-encode
>>>>                      (string->bytes/latin-1
>>>>                       (format "~a\0~a\0~a"
>>>>                               auth-user auth-user auth-passwd))))
>>>>            (check-reply r 235 w))))
>>>>
>>>> i.e. I tried to keep the AUTH PLAIN case while providing AUTH LOGIN on
>>>> the assumption it will always be wanted when doing TLS. I don't deeply
>>>> know the SMTP protocol. This is based on me observing one specific
>>>> server and guessing what would work. That said, I hope this may help.
>>>>
>>>>
>>>> On Fri, Feb 4, 2011 at 7:51 AM, Stephen De Gabrielle
>>>> <spdegabrielle at gmail.com> wrote:
>>>> > Hi,
>>>> >
>>>> > Does anyone have an example of using #:tls-encode (net/smtp)?
>>>> >
>>>> > Cheers,
>>>> >
>>>> > Stephen
>>>> >
>>>> > --
>>>> > Stephen De Gabrielle
>>>> > stephen.degabrielle at acm.org
>>>> > Telephone +44 (0)20 85670911
>>>> > Mobile        +44 (0)79 85189045
>>>> > http://www.degabrielle.name/stephen
>>>> >
>>
>
> --
>
> --
> Stephen De Gabrielle
> stephen.degabrielle at acm.org
> Telephone +44 (0)20 85670911
> Mobile        +44 (0)79 85189045
> http://www.degabrielle.name/stephen
>
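
Added example (not part of the original thread and not net/smtp's own code): instead of assuming AUTH LOGIN whenever #:tls-encode is supplied, the mechanism can be read from the AUTH line of the EHLO reply the server sends after STARTTLS, and credentials withheld unless TLS is active. The helper names, the PLAIN-before-LOGIN preference and the sample reply lines are assumptions constructed for illustration.

```racket
#lang racket/base
;; Added illustration; helper names are hypothetical, not part of net/smtp.
(require net/base64 racket/string racket/list)

;; Base64 without the trailing CRLF that base64-encode adds by default.
(define (b64 str)
  (bytes->string/latin-1 (base64-encode (string->bytes/utf-8 str) #"")))

;; ehlo-lines: reply lines such as "250-AUTH LOGIN PLAIN".
;; Returns the advertised SASL mechanism names, upper-cased.
(define (advertised-auth ehlo-lines)
  (append*
   (for/list ([line (in-list ehlo-lines)])
     (define m (regexp-match #px"^250[- ](?i:AUTH)[ =](.*)$" line))
     (if m (string-split (string-upcase (cadr m))) '()))))

;; Pick a mechanism only when the channel is already TLS: both PLAIN and
;; LOGIN send the password merely base64-encoded, not encrypted.
;; Preferring PLAIN over LOGIN when both are offered is an assumption here.
(define (choose-auth ehlo-lines tls-active?)
  (define mechs (advertised-auth ehlo-lines))
  (cond [(not tls-active?) #f]
        [(member "PLAIN" mechs) 'plain]
        [(member "LOGIN" mechs) 'login]
        [else #f]))

;; Lines the client sends for the chosen mechanism. Each is followed by
;; CRLF on the wire; for LOGIN the client waits for a 334 reply between lines.
(define (auth-lines mech user passwd)
  (case mech
    [(plain) (list (string-append
                    "AUTH PLAIN "
                    (b64 (format "~a\0~a\0~a" user user passwd))))]
    [(login) (list "AUTH LOGIN" (b64 user) (b64 passwd))]
    [else '()]))

;; Constructed EHLO reply from a server that offers only AUTH LOGIN.
(define sample '("250-mail.example.test Hello"
                 "250-SIZE 36700160"
                 "250-AUTH LOGIN"
                 "250 8BITMIME"))

(module+ main
  (define mech (choose-auth sample #t))
  (printf "mechanism: ~a\n" mech)
  (for-each displayln (auth-lines mech "name" "passwd"))
  (printf "without TLS: ~a\n" (choose-auth sample #f)))
```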



Posted on the users mailing list.