[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Fwd: busy box sendmail with -H option
From: Jean-Roch Blais <blaisjeanroch () gmail ! com>
Date: 2016-06-21 21:59:13
Message-ID: B0FC8009-86C9-4A5D-9CC4-3A1B991B7210 () gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello, sorry ... apparently I did everything wrong by sending this email to M. \
Vlasenko directly, as my kids used to tell me: "it's not me, and I wont do it again" \
:-) !
I just want to know how to correct an small problem with sendmail or how to proceed \
about it to get this fixed if possible.
Thank you
jrb.
Début du message réexpédié :
> De: Jean-Roch Blais <blaisjeanroch@gmail.com>
> Objet: busy box sendmail with -H option
> Date: 20 juin 2016 16:21:23 UTC−4
> À: dvlasenko1@gmail.com
>
> Hello busybox maintainer,
>
> Denys, do you have any patch or tip to get sendmail to connect to an esmtp server \
> like smtp.videotron.ca:465 using tls and auth. If you refer to this posting (#139) \
> http://www.snbforums.com/threads/notifications-e-mail.8190/page-7#post-266597 you \
> will see what I was trying to do...
> Reading the source code for busybox sendmail I found this might be the trouble...
>
> // connection helper ordered? ->
> if (opts & OPT_H) {
> const char *args[] = { "sh", "-c", opt_connect, NULL };
> // plug it in
> launch_helper(args);
> // Now:
> // our stdout will go to helper's stdin,
> // helper's stdout will be available on our stdin.
>
> // Wait for initial server message.
> // If helper (such as openssl) invokes STARTTLS, the initial 220
> // is swallowed by helper (and not repeated after TLS is initiated).
> // We will send NOOP cmd to server and check the response.
> // We should get 220+250 on plain connection, 250 on STARTTLSed session.
> //
> // The problem here is some servers delay initial 220 message,
> // and consider client to be a spammer if it starts sending cmds
> // before 220 reached it. The code below is unsafe in this regard:
> // in non-STARTTLSed case, we potentially send NOOP before 220
> // is sent by server.
> // Ideas? (--delay SECS opt? --assume-starttls-helper opt?)
> code = smtp_check("NOOP", -1);
> if (code == 220)
> // we got 220 - this is not STARTTLSed connection,
> // eat 250 response to our NOOP
> smtp_check(NULL, 250);
> else
> if (code != 250)
>
>
> I guess a delay before sending the NOOP might fix this, because when I connect \
> manually with:
> openssl s_client -quiet -CAfile Certificats.pem -connect smtp.videotron.ca:465 \
> -tls1
> I get:
>
> depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 \
> VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary \
> Certification Authority - G5 verify return:1
> depth=1 C = US, O = Symantec Corporation, OU = Symantec Trust Network, CN = \
> Symantec Class 3 Secure Server CA - G4 verify return:1
> depth=0 C = CA, ST = Quebec, L = Montreal, O = Videotron s.e.n.c., OU = Ingenierie, \
> CN = smtp.videotron.ca verify return:1
> 220 smtp.videotron.ca Videotron ESMTP server ready
>
> and I type:
>
> ehlo testing
> 250-smtp.videotron.ca hello [74.57.149.113], pleased to meet you
> 250-HELP
> 250-AUTH LOGIN PLAIN
> 250-SIZE 35840000
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 OK
> quit
> 221 2.0.0 smtp.videotron.ca Videotron closing connection
> read:errno=0
>
> So you see the smtp server is there and awaits the rest of the smtp connection \
> commands. But whenever I use this command: sendmail -v -H"exec openssl s_client \
> -quiet -CAfile Certificats.pem -tls1 -connect smtp.videotron.ca:465 -pause" \
> </tmp/mail.txt -froot@firewall -auxxxxxxxxx -apyyyyyyyyy blaisjeanroch@gmail.com, \
> it only works randomly, about one time out of 5 or 10 tries. I'm even surprised \
> that it works !
> Thanks for your time
>
> jrb.
>
>
>
[Attachment #5 (unknown)]
<html><head><meta http-equiv="Content-Type" content="text/html \
charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; \
-webkit-line-break: after-white-space;">Hello, sorry ... apparently I did everything \
wrong by sending this email to M. Vlasenko directly, as my kids used to tell me: \
"it's not me, and I wont do it again" :-) !<div><br></div><div>I just want to know \
how to correct an small problem with sendmail or how to proceed about it to get this \
fixed if possible.</div><div><br></div><div>Thank \
you </div><div><br></div><div>jrb.</div><div> </div><div><div><div>Début \
du message réexpédié :</div><br class="Apple-interchange-newline"><blockquote \
type="cite"><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; \
margin-left: 0px;"><span style="font-family:'Helvetica'; color:rgba(0, 0, 0, \
1.0);"><b>De: </b></span><span style="font-family:'Helvetica';">Jean-Roch Blais \
<<a href="mailto:blaisjeanroch@gmail.com">blaisjeanroch@gmail.com</a>><br></span></div><div \
style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: \
0px;"><span style="font-family:'Helvetica'; color:rgba(0, 0, 0, 1.0);"><b>Objet: \
</b></span><span style="font-family:'Helvetica';"><b>busy box sendmail with -H \
option</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; \
margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; \
color:rgba(0, 0, 0, 1.0);"><b>Date: </b></span><span \
style="font-family:'Helvetica';">20 juin 2016 16:21:23 UTC−4<br></span></div><div \
style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: \
0px;"><span style="font-family:'Helvetica'; color:rgba(0, 0, 0, 1.0);"><b>À: \
</b></span><span style="font-family:'Helvetica';"><a \
href="mailto:dvlasenko1@gmail.com">dvlasenko1@gmail.com</a><br></span></div><br><div><meta \
http-equiv="Content-Type" content="text/html charset=us-ascii"><div style="word-wrap: \
break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">Hello \
busybox maintainer,<div><br></div><div>Denys, do you have any patch or tip to get \
sendmail to connect to an esmtp server like <a \
href="http://smtp.videotron.ca/">smtp.videotron.ca</a>:465 using tls and auth. If you \
refer to this posting (#139) <a \
href="http://www.snbforums.com/threads/notifications-e-mail.8190/page-7#post-266597">http://www.snbforums.com/threads/notifications-e-mail.8190/page-7#post-266597</a> \
you will see what I was trying to do... </div><div><br></div><div>Reading the \
source code for busybox sendmail I found this might be the \
trouble...</div><div><br></div><div><div style="margin: 0px; font-size: 11px; \
font-family: Menlo; color: rgb(0, 132, 0);">// connection helper ordered? \
-></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;"><span \
class="Apple-tab-span" style="white-space: pre;"> </span><span style="color: rgb(187, \
44, 162);">if</span> (opts & OPT_H) {</div><div style="margin: 0px; \
font-size: 11px; font-family: Menlo;"><span class="Apple-tab-span" \
style="white-space: pre;"> </span><span style="color: rgb(187, 44, \
162);">const</span> <span style="color: rgb(187, 44, \
162);">char</span> *args[] = { <span style="color: rgb(209, 47, \
27);">"sh"</span>, <span style="color: rgb(209, 47, 27);">"-c"</span>, \
opt_connect, <span style="color: rgb(187, 44, \
162);">NULL</span> };</div><div style="margin: 0px; font-size: 11px; \
font-family: Menlo; color: rgb(0, 132, 0);"><span style=""><span \
class="Apple-tab-span" style="white-space: pre;"> </span></span>// plug it \
in</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;"><span \
class="Apple-tab-span" style="white-space: \
pre;"> </span>launch_helper(args);</div><div style="margin: 0px; font-size: 11px; \
font-family: Menlo; color: rgb(0, 132, 0);"><span style=""><span \
class="Apple-tab-span" style="white-space: pre;"> </span></span>// Now:</div><div \
style="margin: 0px; font-size: 11px; font-family: Menlo; color: rgb(0, 132, \
0);"><span style=""><span class="Apple-tab-span" style="white-space: \
pre;"> </span></span>// our stdout will go to helper's stdin,</div><div \
style="margin: 0px; font-size: 11px; font-family: Menlo; color: rgb(0, 132, \
0);"><span style=""><span class="Apple-tab-span" style="white-space: \
pre;"> </span></span>// helper's stdout will be available on our stdin.</div><div \
style="margin: 0px; font-size: 11px; font-family: Menlo; min-height: \
13px;"><br></div><div style="margin: 0px; font-size: 11px; font-family: Menlo; color: \
rgb(0, 132, 0);"><span style=""><span class="Apple-tab-span" style="white-space: \
pre;"> </span></span>// Wait for initial server message.</div><div style="margin: \
0px; font-size: 11px; font-family: Menlo; color: rgb(0, 132, 0);"><span \
style=""><span class="Apple-tab-span" style="white-space: pre;"> </span></span>// If \
helper (such as openssl) invokes STARTTLS, the initial 220</div><div style="margin: \
0px; font-size: 11px; font-family: Menlo; color: rgb(0, 132, 0);"><span \
style=""><span class="Apple-tab-span" style="white-space: pre;"> </span></span>// is \
swallowed by helper (and not repeated after TLS is initiated).</div><div \
style="margin: 0px; font-size: 11px; font-family: Menlo; color: rgb(0, 132, \
0);"><span style=""><span class="Apple-tab-span" style="white-space: \
pre;"> </span></span>// We will send NOOP cmd to server and check the \
response.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo; color: \
rgb(0, 132, 0);"><span style=""><span class="Apple-tab-span" style="white-space: \
pre;"> </span></span>// We should get 220+250 on plain connection, 250 on STARTTLSed \
session.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;"><span \
class="Apple-tab-span" style="white-space: pre;"> </span><span style="color: rgb(0, \
132, 0);">//</span></div><div style="margin: 0px; font-size: 11px; font-family: \
Menlo; color: rgb(0, 132, 0);"><span style=""><span class="Apple-tab-span" \
style="white-space: pre;"> </span></span>// The problem here is some servers delay \
initial 220 message,</div><div style="margin: 0px; font-size: 11px; font-family: \
Menlo; color: rgb(0, 132, 0);"><span style=""><span class="Apple-tab-span" \
style="white-space: pre;"> </span></span>// and consider client to be a spammer if \
it starts sending cmds</div><div style="margin: 0px; font-size: 11px; font-family: \
Menlo; color: rgb(0, 132, 0);"><span style=""><span class="Apple-tab-span" \
style="white-space: pre;"> </span></span>// before 220 reached it. The code below is \
unsafe in this regard:</div><div style="margin: 0px; font-size: 11px; font-family: \
Menlo; color: rgb(0, 132, 0);"><span style=""><span class="Apple-tab-span" \
style="white-space: pre;"> </span></span>// in non-STARTTLSed case, we potentially \
send NOOP before 220</div><div style="margin: 0px; font-size: 11px; font-family: \
Menlo; color: rgb(0, 132, 0);"><span style=""><span class="Apple-tab-span" \
style="white-space: pre;"> </span></span>// is sent by server.</div><div \
style="margin: 0px; font-size: 11px; font-family: Menlo; color: rgb(0, 132, \
0);"><span style=""><span class="Apple-tab-span" style="white-space: \
pre;"> </span></span>// Ideas? (--delay SECS opt? --assume-starttls-helper \
opt?)</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;"><span \
class="Apple-tab-span" style="white-space: pre;"> </span>code = smtp_check(<span \
style="color: rgb(209, 47, 27);">"NOOP"</span>, -<span style="color: rgb(39, 42, \
216);">1</span>);</div><div style="margin: 0px; font-size: 11px; font-family: \
Menlo;"><span class="Apple-tab-span" style="white-space: pre;"> </span><span \
style="color: rgb(187, 44, 162);">if</span> (code == <span style="color: \
rgb(39, 42, 216);">220</span>)</div><div style="margin: 0px; font-size: 11px; \
font-family: Menlo; color: rgb(0, 132, 0);"><span style=""><span \
class="Apple-tab-span" style="white-space: pre;"> </span></span>// we got 220 - \
this is not STARTTLSed connection,</div><div style="margin: 0px; font-size: 11px; \
font-family: Menlo; color: rgb(0, 132, 0);"><span style=""><span \
class="Apple-tab-span" style="white-space: pre;"> </span></span>// eat 250 response \
to our NOOP</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;"><span \
class="Apple-tab-span" style="white-space: pre;"> </span>smtp_check(<span \
style="color: rgb(187, 44, 162);">NULL</span>, <span style="color: rgb(39, 42, \
216);">250</span>);</div><div style="margin: 0px; font-size: 11px; font-family: \
Menlo; color: rgb(187, 44, 162);"><span style=""><span class="Apple-tab-span" \
style="white-space: pre;"> </span></span>else</div><div style="margin: 0px; \
font-size: 11px; font-family: Menlo;"><span class="Apple-tab-span" \
style="white-space: pre;"> </span><span style="color: rgb(187, 44, \
162);">if</span> (code != <span style="color: rgb(39, 42, \
216);">250</span>)</div></div><div><br></div><div><br></div><div>I guess a delay \
before sending the NOOP might fix this, because when I connect manually \
with:</div><div><div><br></div><div>openssl s_client -quiet -CAfile Certificats.pem \
-connect <a href="http://smtp.videotron.ca/">smtp.videotron.ca</a>:465 \
-tls1</div><div><br></div><div>I get: </div><div><br></div><div>depth=2 C = US, \
O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - \
For authorized use only", CN = VeriSign Class 3 Public Primary Certification \
Authority - G5</div><div>verify return:1</div><div>depth=1 C = US, O = Symantec \
Corporation, OU = Symantec Trust Network, CN = Symantec Class 3 Secure Server CA - \
G4</div><div>verify return:1</div><div>depth=0 C = CA, ST = Quebec, L = Montreal, O = \
Videotron s.e.n.c., OU = Ingenierie, CN = <a \
href="http://smtp.videotron.ca/">smtp.videotron.ca</a></div><div>verify \
return:1</div><div>220 <a href="http://smtp.videotron.ca/">smtp.videotron.ca</a> \
Videotron ESMTP server ready</div><div><br></div><div>and I \
type:</div><div><br></div><div>ehlo testing</div><div><a \
href="http://250-smtp.videotron.ca/">250-smtp.videotron.ca</a> hello [74.57.149.113], \
pleased to meet you</div><div>250-HELP</div><div>250-AUTH LOGIN \
PLAIN</div><div>250-SIZE \
35840000</div><div>250-ENHANCEDSTATUSCODES</div><div>250-8BITMIME</div><div>250 \
OK</div><div>quit</div><div>221 2.0.0 <a \
href="http://smtp.videotron.ca/">smtp.videotron.ca</a> Videotron closing \
connection</div><div>read:errno=0</div></div><div><br></div><div>So you see the smtp \
server is there and awaits the rest of the smtp connection commands. But whenever I \
use this command: </div><div>sendmail -v -H"exec openssl s_client -quiet -CAfile \
Certificats.pem -tls1 -connect <a \
href="http://smtp.videotron.ca/">smtp.videotron.ca</a>:465 -pause" </tmp/mail.txt \
-froot@firewall -auxxxxxxxxx -apyyyyyyyyy <a \
href="mailto:blaisjeanroch@gmail.com">blaisjeanroch@gmail.com</a>, it only works \
randomly, about one time out of 5 or 10 tries. I'm even surprised that it works \
! </div><div><br></div><div>Thanks for your \
time </div><div><br></div><div>jrb.</div><div><br></div><div><br></div><div><div \
style="margin: 0px; font-size: 11px; font-family: Menlo; color: rgb(0, 132, \
0);"><br></div></div></div></div></blockquote></div><br></div></body></html>
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic