[racket] (smtp-send-message ...) with #:tls-encode

From: Greg Hendershott (greghendershott at gmail.com)
Date: Wed Mar 9 12:08:08 EST 2011

To clarify:

> Again this won't work with the smtp-send-message provided by net/smtp.
> You need to modify it to handle STARTTLS as I showed before.

The stock smtp-send-message MIGHT work with Gmail (I haven't tried)
but it definitely will NOT work with hosted Exchange.

HTH.

On Wed, Mar 9, 2011 at 12:04 PM, Greg Hendershott
<greghendershott at gmail.com> wrote:
> It looks like Gmail supports the port 587 STARTTLS approach exactly
> the same as does hosted Exchange (Gmail also supports connecting using
> SSL on port 465).
>
> So you can use the same approach (port 587 STARTTLS) testing against
> both servers:
>
> (smtp-send-message
>  server ; "smtp.gmail.com" or "smtp.mail.microsoftonline.com"
>  from
>  to
>  header
>  body
>  #:port-no 587
>  #:auth-user "name"
>  #:auth-passwd "passwd"
>  #:tcp-connect tcp-connect ; the default value; do NOT supply `ssl-connect'.
>  #:tls-encode ports->ssl-ports
> )
>
> For me that works with both smtp.gmail.com and smtp.mail.microsoftonline.com.
>
> Again this won't work with the smtp-send-message provided by net/smtp.
> You need to modify it to handle STARTTLS as I showed before.
>
> I hope this helps!
>
> On Wed, Mar 9, 2011 at 8:39 AM, Stephen De Gabrielle
> <stephen.degabrielle at acm.org> wrote:
>> I *am* trying to connect to an Exchange server, I just used Gmail as an
>> acceptable public target.
>>
>> I'll try again, though I suspect a proxy server is the problem. I
>> can't tell because the server response is truncated. :(
>>
>> Thanks again,
>>
>> Stephen
>>
>> On Wednesday, March 9, 2011, Greg Hendershott <greghendershott at gmail.com> wrote:
>>> If you're wanting to connect to Exchange Server as e.g. hosted by
>>> Microsoft i.e. smtp.mail.microsoftonline.com, then it requires you to
>>> connect on port 587 (not encrypted), then issue STARTTLS to switch to
>>> encryption, then do AUTH LOGIN. (AUTH PLAIN won't work, ergo my mod of
>>> net/smtp's smtp-send-message.)
>>>
>>> With such a modified smtp-send-message, you want to pass it:
>>>
>>> 587 for port-no
>>> the default tcp-connect for #:tcp-connect
>>> ports->ssl-ports for #:tls-encode
>>> a valid user and pwd on that Exchange Server, for #:auth-user and #:auth-passwd.
>>>
>>> This means connect to port 587 using normal tcp-connect unencrypted,
>>> then use STARTTLS and ports->ssl-ports to switch over to TLS, then
>>> authorize using the name and password.
>>>
>>> This should work.
>>>
>>> On Tue, Mar 8, 2011 at 3:20 AM, Stephen De Gabrielle
>>> <spdegabrielle at gmail.com> wrote:
>>>> Thanks Greg,
>>>>
>>>> I'll test your patch against the Exchange server I'm wanting to connect to.
>>>> S.
>>>>
>>>> On Mon, Mar 7, 2011 at 9:20 PM, Greg Hendershott <greghendershott at gmail.com>
>>>> wrote:
>>>>>
>>>>> > Does anyone have an example of using #:tls-encode (net/smtp)?
>>>>>
>>>>> No, in fact I'm seeing it fail today with an SMTP server that requires
>>>>> TLS on port 587.
>>>>>
>>>>> The reason seems to be that the server is expecting AUTH LOGIN whereas
>>>>> net/smtp only does AUTH PLAIN.
>>>>>
>>>>> I was able to get it to work (with this particular server) by making a
>>>>> local copy of smtp-send-message from net/smtp-unit.rkt and modifying
>>>>> lines 96-103:
>>>>>
>>>>>    (when auth-user
>>>>>      (log "auth\n")
>>>>>      (fprintf w "AUTH PLAIN ~a"
>>>>>               ;; Encoding adds CRLF
>>>>>               (base64-encode
>>>>>                (string->bytes/latin-1
>>>>>                 (format "~a\0~a\0~a" auth-user auth-user auth-passwd))))
>>>>>      (check-reply r 235 w))
>>>>>
>>>>> to be this instead:
>>>>>
>>>>>    (when auth-user
>>>>>      (if tls-encode
>>>>>          (begin
>>>>>            (log "auth login\n")
>>>>>            (fprintf w "AUTH LOGIN\r\n")
>>>>>            (check-reply r 334 w)
>>>>>            (fprintf w "~a"             ;encoding adds CRLF
>>>>>                     (base64-encode
>>>>>                      (string->bytes/latin-1 auth-user)))
>>>>>            (check-reply r 334 w)
>>>>>            (fprintf w "~a"             ;encoding adds CRLF
>>>>>                     (base64-encode
>>>>>                      (string->bytes/latin-1 auth-passwd)))
>>>>>            (check-reply r 235 w))
>>>>>          (begin
>>>>>            (log "auth plain\n")
>>>>>            (fprintf w "AUTH PLAIN ~a" ;encoding adds CRLF
>>>>>                     (base64-encode
>>>>>                      (string->bytes/latin-1
>>>>>                       (format "~a\0~a\0~a" auth-user auth-user auth-passwd))))
>>>>>            (check-reply r 235 w))))
>>>>>
>>>>> i.e. I tried to keep the AUTH PLAIN case while providing AUTH LOGIN on
>>>>> the assumption it will always be wanted when doing TLS. I don't deeply
>>>>> know the SMTP protocol. This is based on me observing one specific
>>>>> server and guessing what would work. That said, I hope this may help.
>>>>>
>>>>>
>>>>> On Fri, Feb 4, 2011 at 7:51 AM, Stephen De Gabrielle
>>>>> <spdegabrielle at gmail.com> wrote:
>>>>> > Hi,
>>>>> >
>>>>> > Does anyone have an example of using #:tls-encode (net/smtp)?
>>>>> >
>>>>> > Cheers,
>>>>> >
>>>>> > Stephen
>>>>> >
>>>>> > --
>>>>> > Stephen De Gabrielle
>>>>> > stephen.degabrielle at acm.org
>>>>> > Telephone +44 (0)20 85670911
>>>>> > Mobile        +44 (0)79 85189045
>>>>> > http://www.degabrielle.name/stephen
>>>>> >
>>>
>>
>> --
>>
>> --
>> Stephen De Gabrielle
>> stephen.degabrielle at acm.org
>> Telephone +44 (0)20 85670911
>> Mobile        +44 (0)79 85189045
>> http://www.degabrielle.name/stephen
>>
>



Posted on the users mailing list.
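
The patch in the thread picks AUTH LOGIN whenever `tls-encode` is supplied. An alternative is to choose from the mechanisms the server lists in its EHLO reply and to refuse to authenticate before the STARTTLS upgrade, since both mechanisms only base64-encode the credentials. The Racket code below is an added example, not code from the thread or from net/smtp; `ehlo-auth-mechanisms`, `b64`, `auth-lines` and the sample EHLO reply are hypothetical names and constructed data.

```racket
#lang racket/base
;; Added example, not code from the thread or from net/smtp.
(require net/base64 racket/list racket/string)

;; Constructed sample: EHLO reply lines as received after the TLS switch.
(define sample-ehlo
  '("250-mail.example.test Hello"
    "250-SIZE 36700160"
    "250-AUTH LOGIN"
    "250 8BITMIME"))

;; Collect the mechanisms named on any "250-AUTH ..." or "250 AUTH=..." line.
(define (ehlo-auth-mechanisms lines)
  (append*
   (for/list ([l (in-list lines)])
     (define m (regexp-match #px"^250[- ](?i:AUTH)[ =](.*)$" l))
     (if m (string-split (string-upcase (cadr m))) '()))))

;; Base64 with an empty line separator, so long credentials are not
;; wrapped at 72 characters and no CRLF is appended.
(define (b64 s)
  (bytes->string/latin-1 (base64-encode (string->bytes/utf-8 s) #"")))

;; Return the lines the client sends, in order (each goes out with CRLF;
;; after AUTH LOGIN the client waits for a 334 before each credential).
(define (auth-lines mechs user passwd #:tls-active? tls?)
  (unless tls?
    (error 'auth-lines "refusing to send credentials before STARTTLS"))
  (cond
    [(member "PLAIN" mechs)
     ;; same authzid NUL authcid NUL passwd layout as the thread's code
     (list (string-append "AUTH PLAIN "
                          (b64 (format "~a\0~a\0~a" user user passwd))))]
    [(member "LOGIN" mechs)
     (list "AUTH LOGIN" (b64 user) (b64 passwd))]
    [else
     (error 'auth-lines "server advertises no supported mechanism: ~a" mechs)]))

(module+ main
  (define mechs (ehlo-auth-mechanisms sample-ehlo))
  (for-each displayln
            (auth-lines mechs "name" "passwd" #:tls-active? #t)))
```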