View Issue Details

IDProjectCategoryView StatusLast Update
0001288Main CAcert Websiteaccount administrationpublic2019-02-27 21:00
ReporterBenBEAssigned ToNEOatNHNG 
PrioritynormalSeveritytweakReproducibilityalways
Status closedResolutionfixed 
Product Version2014 Q3 
Target Version2014 Q4Fixed in Version2014 Q3 
Summary0001288: Support STARTTLS when doing a ping mail
DescriptionSome mailservers only accept mails via encrypted connections.
Taken from support ticket s20140610.61
Steps To ReproduceTry to get a email address at mailbox.org into your account.
Additional InformationSource references:
https://github.com/PHPMailer/PHPMailer/blob/master/class.smtp.php#L272
https://github.com/CAcertOrg/cacert-devel/blob/release/includes/general.php#L557

When STARTTLS is supported prefer encrypted and fallback to unencrypted if STARTTLS fails.
TagsNo tags attached.
Reviewed byNEOatNHNG, BenBE
Test InstructionsTry to add an email address on a domain like mailbox.org that rejects unencrypted connections. Add an email on unencrypted only.

Relationships

related to 0001460 newTed Show mailserver error when creating new account 

Activities

felixd

2014-07-02 17:45

updater   ~0004879

The given source reference doesn't produce an error for mailbox.org:

$ telnet mx3.mailbox.org 25
Trying 80.241.60.216...
Connected to mx3.mailbox.org.
Escape character is '^]'.
220 mx3.mailbox.org ESMTP Postfix
HELO cacert.org
250 mx3.mailbox.org
MAIL FROM: <support@cacert.org>
250 2.1.0 Ok
RCPT TO: <postmaster@mailbox.org>
250 2.1.5 Ok
QUIT
221 2.0.0 Bye

The actual Mails should be sent via local mailserver:
https://github.com/CAcertOrg/cacert-devel/blob/release/includes/mysql.php.sample#L49
so this problem should be a server-config problem isn't it?

BenBE

2014-11-29 13:07

updater   ~0005133

Initial Patch

BenBE

2014-11-29 13:10

updater   ~0005135

felixd in comment 4879: postmaster and some other addresses cause special handling as required by RFC: Must be accepted. A non-RFC-recipient would have been required for this test.

MartinGummi

2014-11-29 13:46

updater   ~0005136

Last edited: 2014-11-29 13:47

View 2 revisions

Add email adress *@mailbox.org

debug:

Testing mailserver mailbox.org on port 25
Found STARTTLS ... negotiating ...
QUIT: 250 2.1.5 Ok


Test successful

=> OK

MartinGummi

2014-12-02 20:39

updater   ~0005147

Last edited: 2014-12-02 20:39

View 2 revisions

2nd Test


Testing connection to mx2.mailbox.org:25 ...
STARTTLS detected ... negotiating
QUIT: 250 2.1.5 Ok


=> OK

felixd

2014-12-02 20:39

updater   ~0005148

Adding any email address leads currently to this debug output:

Testing connection to m10.dogcraft.de:25 ...
STARTTLS detected ... negotiating
QUIT: 250 2.1.5 Ok

A patch file indicates that the given debug message shows that TLS was successfully negotiated.

=> OK

NEOatNHNG

2014-12-04 16:27

administrator   ~0005156

Review OK. Ready to release.

NEOatNHNG

2014-12-05 00:08

administrator   ~0005158

Mail sent to critical admins

wytze

2014-12-05 09:16

developer   ~0005161

The fix has been installed on the production server on December 5, 2014. See also:
https://lists.cacert.org/wws/arc/cacert-systemlog/2014-12/msg00003.html

Issue History

Date Modified Username Field Change
2014-07-02 16:47 BenBE New Issue
2014-07-02 16:47 BenBE Assigned To => felixd
2014-07-02 16:49 INOPIAE Description Updated View Revisions
2014-07-02 17:45 felixd Note Added: 0004879
2014-11-29 13:00 BenBE Source_changeset_attached => cacert-devel testserver-stable 00c7fb36
2014-11-29 13:00 BenBE Source_changeset_attached => cacert-devel testserver-stable 56f22618
2014-11-29 13:07 BenBE Reviewed by => BenBE
2014-11-29 13:07 BenBE Test Instructions => Try to add an email address on a domain like mailbox.org that rejects unencrypted connections. Add an email on unencrypted only.
2014-11-29 13:07 BenBE Note Added: 0005133
2014-11-29 13:07 BenBE Assigned To felixd => NEOatNHNG
2014-11-29 13:07 BenBE Status new => needs review & testing
2014-11-29 13:07 BenBE Target Version 2014 Q3 => 2014 Q4
2014-11-29 13:10 BenBE Note Added: 0005135
2014-11-29 13:45 BenBE Source_changeset_attached => cacert-devel testserver-stable 34c3a638
2014-11-29 13:45 BenBE Source_changeset_attached => cacert-devel testserver-stable 25936445
2014-11-29 13:45 BenBE Source_changeset_attached => cacert-devel testserver-stable ff0f3887
2014-11-29 13:46 MartinGummi Note Added: 0005136
2014-11-29 13:47 MartinGummi Note Edited: 0005136 View Revisions
2014-11-30 00:35 BenBE Source_changeset_attached => cacert-devel testserver-stable a31cb942
2014-11-30 00:35 BenBE Source_changeset_attached => cacert-devel testserver-stable fc29c30e
2014-11-30 17:45 BenBE Source_changeset_attached => cacert-devel testserver-stable fd40b403
2014-11-30 17:45 BenBE Source_changeset_attached => cacert-devel testserver-stable ae094ec4
2014-12-02 20:39 MartinGummi Note Added: 0005147
2014-12-02 20:39 MartinGummi Note Edited: 0005147 View Revisions
2014-12-02 20:39 felixd Note Added: 0005148
2014-12-02 20:40 felixd Status needs review & testing => needs review
2014-12-04 16:27 NEOatNHNG Reviewed by BenBE => NEOatNHNG, BenBE
2014-12-04 16:27 NEOatNHNG Note Added: 0005156
2014-12-04 16:27 NEOatNHNG Status needs review => ready to deploy
2014-12-05 00:08 NEOatNHNG Note Added: 0005158
2014-12-05 00:35 NEOatNHNG Source_changeset_attached => cacert-devel release 86c04b83
2014-12-05 09:16 wytze Note Added: 0005161
2014-12-05 09:16 wytze Status ready to deploy => solved?
2014-12-05 09:16 wytze Fixed in Version => 2014 Q3
2014-12-05 09:16 wytze Resolution open => fixed
2015-03-10 20:11 INOPIAE Status solved? => closed
2019-02-27 21:00 Ted Relationship added related to 0001460