Prev: FAQ 5.4 How do I delete the last N lines from a file?
Next: FAQ 4.61 How can I always keep my hash sorted?
From: Uno on 16 May 2010 01:09 Hello newsgroup, I'm trying to use thunderbird to get an e-mail capability on linux, and since this is the only reason I have to boot windows at all, I'd like to figure it out. Where I'm stuck right now is that I know OE uses SSL authentication to get my mail successfully when I ask for it, but the t-bird set-up is telling me that the server does not support it. http://i42.tinypic.com/s5vktk.jpg This image shows what qwest says are the thunderbird settings. I admit the possibility that qwest is a crappy corporation with misleading information, but the evidence points elsewhere. When I change thunderbird's settings to be analogous to the above, then I get this: http://i39.tinypic.com/28ulb3d.jpg Can I use the perl programming language to determine whether what type of authentication this server understands? Thanks for your comment and cheers, -- Uno
From: Peter J. Holzer on 16 May 2010 08:20 On 2010-05-16 05:09, Uno <merrilljensen(a)q.com> wrote: > I'm trying to use thunderbird to get an e-mail capability on linux, and > since this is the only reason I have to boot windows at all, I'd like to > figure it out. > > Where I'm stuck right now is that I know OE uses SSL authentication to > get my mail successfully when I ask for it, but the t-bird set-up is > telling me that the server does not support it. [...] > http://i39.tinypic.com/28ulb3d.jpg "SSL Authentication" != "Secure Authentication". You probably just have to turn "Secure Authentication" off (but leave STARTTLS on). > Can I use the perl programming language to determine whether what type > of authentication this server understands? Yes. However, you don't have to write that program yourself, as somebody has already done it: Look for "swaks" (the SWiss Army Knife for Smtp). Some linux distributions (e.g. Debian) include it, or you can download it from http://www.jetmore.org/john/code/swaks/ hp
From: Uno on 16 May 2010 17:43 On 5/16/2010 6:20 AM, Peter J. Holzer wrote: > On 2010-05-16 05:09, Uno<merrilljensen(a)q.com> wrote: >> I'm trying to use thunderbird to get an e-mail capability on linux, and >> since this is the only reason I have to boot windows at all, I'd like to >> figure it out. >> >> Where I'm stuck right now is that I know OE uses SSL authentication to >> get my mail successfully when I ask for it, but the t-bird set-up is >> telling me that the server does not support it. > [...] >> http://i39.tinypic.com/28ulb3d.jpg > > "SSL Authentication" != "Secure Authentication". > > You probably just have to turn "Secure Authentication" off (but leave > STARTTLS on). What was going on here was that I was conflating secure connections and secure authentication. The latter is an MS thing, and the whole picture you get of it as a windows user slightly distorts what is actually happening. I was "sure" that I was using SSL, and in my head it sounded right that a secure socket layer would employ secure authentication. They are completely separate notions. So, problem solved by unchecking a box. > > >> Can I use the perl programming language to determine whether what type >> of authentication this server understands? > > Yes. However, you don't have to write that program yourself, as somebody > has already done it: Look for "swaks" (the SWiss Army Knife for Smtp). > Some linux distributions (e.g. Debian) include it, or you can download > it from http://www.jetmore.org/john/code/swaks/ Well, hot damn: > $ swaks --to merrilljensen(a)q.com --server pop3.live.com === Trying pop3.live.com:25... *** Error connecting 0.0.0.0 to pop3.live.com:25: *** IO::Socket::INET: connect: timeout $ swaks --to merrilljensen(a)q.com --server smtp.live.com === Trying smtp.live.com:25... === Connected to smtp.live.com. <- 220 BLU0-SMTP21.blu0.hotmail.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Sun, 16 May 2010 14:29:18 -0700 -> EHLO dan-desktop <- 250-BLU0-SMTP21.blu0.hotmail.com Hello [97.123.175.133] <- 250-TURN <- 250-SIZE 35840000 <- 250-ETRN <- 250-PIPELINING <- 250-DSN <- 250-ENHANCEDSTATUSCODES <- 250-8bitmime <- 250-BINARYMIME <- 250-CHUNKING <- 250-VRFY <- 250-TLS <- 250-STARTTLS <- 250 OK -> MAIL FROM:<dan(a)dan-desktop> So ... what's all this? http://www.jetmore.org/john/code/swaks/latest/doc/ref.txt I didn't see in the documentation above any discussion on how to determine whether a server wants "secure authentication." Cheers, -- Uno
From: Ilya Zakharevich on 16 May 2010 19:08 On 2010-05-16, Uno <merrilljensen(a)q.com> wrote: > I was "sure" that I was using SSL, and in my head it sounded right that > a secure socket layer would employ secure authentication. They are > completely separate notions. Secure connection makes absolutely no sense without secure authentication (well, "almost" - one can invent a FEW types of attacks which may be stopped by "just SSL" - but why would the attackers restrict themselves?). The standard analogy of secure connection is sending a parcel guarded by a policeman on route. The standard analogy of having no secure authentication is leaving a package on a bench in a public park so that the other party may come and pick it up. Now imagine doing both... > So, problem solved by unchecking a box. Hardly. Hope this helps, Ilya
From: sln on 16 May 2010 20:34 On Sun, 16 May 2010 23:08:53 +0000 (UTC), Ilya Zakharevich <nospam-abuse(a)ilyaz.org> wrote: >On 2010-05-16, Uno <merrilljensen(a)q.com> wrote: >> I was "sure" that I was using SSL, and in my head it sounded right that >> a secure socket layer would employ secure authentication. They are >> completely separate notions. > >Secure connection makes absolutely no sense without secure >authentication (well, "almost" - one can invent a FEW types of attacks >which may be stopped by "just SSL" - but why would the attackers >restrict themselves?). > >The standard analogy of secure connection is sending a parcel guarded >by a policeman on route. The standard analogy of having no secure >authentication is leaving a package on a bench in a public park so >that the other party may come and pick it up. Now imagine doing >both... > >> So, problem solved by unchecking a box. > >Hardly. > This all sounds very criminal. -sln
|
Next
|
Last
Pages: 1 2 3 4 Prev: FAQ 5.4 How do I delete the last N lines from a file? Next: FAQ 4.61 How can I always keep my hash sorted? |