[Bug 490044] Re: Implement SMTP AUTH in Mailman 3
In all honesty, I don't know the details. Looking at the smtplib code in Python 2.6 though, it essentially delegates everything to the socket layer. If the pem/cert files are given, it wraps the socket in an ssl socket, though it only provides a subset of the options available to ssl.wrap_socket(). That's the extent of smtplib's support AFAICT. Mailman won't support anything the underlying smtplib module doesn't support, so if changes need to happen there, it's best to do that in the context of Python development (though even there, likely nothing will change until Python 3.3 which is a long way off). -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/490044 Title: Implement SMTP AUTH in Mailman 3
* Barry Warsaw <490044@bugs.launchpad.net>:
In all honesty, I don't know the details. Looking at the smtplib code in Python 2.6 though, it essentially delegates everything to the socket layer. If the pem/cert files are given, it wraps the socket in an ssl socket, though it only provides a subset of the options available to ssl.wrap_socket(). That's the extent of smtplib's support AFAICT.
Erhm, misunderstanding? I wasn't talking about STARTTLS, but the possibility to control which SMTP AUTH mechnanism will be used. I took a look at the library and it seems like the library tries to do "the right thing": # List of authentication methods we support: from preferred to # less preferred methods. Except for the purpose of testing the weaker # ones, we prefer stronger methods like CRAM-MD5: preferred_auths = [AUTH_CRAM_MD5, AUTH_PLAIN, AUTH_LOGIN] CRAM-MD5 is fine, because the identity sent for authentication goes encrypted over the network. Not so PLAIN or LOGIN. They will only encoded (base64) over the Net. We should at least mention in the docs that if MM3 send authentication data over an unsecured network the submission server on the other end should support CRAM-MD5. If it does, smtplib will do the right (read: secure) thing. p@rick
Mailman won't support anything the underlying smtplib module doesn't support, so if changes need to happen there, it's best to do that in the context of Python development (though even there, likely nothing will change until Python 3.3 which is a long way off).
-- You received this bug notification because you are a direct subscriber of the bug. https://bugs.launchpad.net/bugs/490044
Title: Implement SMTP AUTH in Mailman 3
Status in GNU Mailman: Fix Committed
Bug description: Mailman 3 should support sending messages over submission port (587). The Submission RFC (4409, "Message Submission for Mail", http://www.rfc-editor.org/rfc/rfc4409.txt) requires SMTP AUTH, when messages are introduced on submission port.
Currently Mailman does not implement any SMTP AUTH functionality. It looks like Python's smtplib supports PLAIN, LOGIN, and CRAM-MD5. That would be sufficient. Additionally STARTTLS should be implemented to protect credentials when they are sent using either PLAIN or LOGIN.
To unsubscribe from this bug, go to: https://bugs.launchpad.net/mailman/+bug/490044/+subscribe
-- state of mind Digitale Kommunikation http://www.state-of-mind.de Franziskanerstraße 15 Telefon +49 89 3090 4664 81669 München Telefax +49 89 3090 4666 Amtsgericht München Partnerschaftsregister PR 563 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/490044 Title: Implement SMTP AUTH in Mailman 3
participants (2)
-
Barry Warsaw -
Patrick Ben Koetter