![]() |
Modest Email - is the connection fully encrypted?
Modest is at version 3.90.7-13.5 (apparently the same in testing and devel), libtinymail-camel-1.0-0 is at 1.1.92+1cssu7 (apparently the same in testing and devel, and recommended to fix some ssl/tls issues)
After some fiddling I managed to get the connection work like this: - Incoming mail server (IMAP) with TLS using port 143 - Outgoing mail server (SMTP) with TLS using port 587 According to my mail provider this means that the connection is actually STARTTLS and not TLS/SSL because of the ports I'm using. Using the ports for full TLS/SSL encryption I get errors, it does not work with either TLS or SSL setting in Modest's account preferences. I wonder what that means. Why can it start unencrypted and then switch to an encrypted connection, but can not start an encrypted connection straight away? This is how my desktop clients are set up for the same provider. I can see on the linked page that "The connection to Posteo is always encrypted (STARTTLS, TLS or SSL)" but it makes me wonder nevertheless. Can I check this somehow? Full error messages? Does Modest have settings/config/log files somewhere? Could not 'find' anything. On a side note, is there another good mail client? |
Re: Modest Email - is the connection fully encrypted?
Modest uses the microb-engine and the microb-engine uses libnss3.
You could try install modest, microb-engine, libnss3, libnss3-certs, and maybe other packages from cssu-devel. But make a backup first. http://maemo.merlin1991.at/cssu/comm...microb-engine/ http://maemo.merlin1991.at/cssu/comm...free/m/modest/ Source codes: https://github.com/community-ssu/microb-engine https://github.com/community-ssu/modest Update I think in progress.. https://github.com/jonwil/microb-engine-ff24/ To debug: [1] Quote:
[2] Quote:
[2] https://github.com/community-ssu/mod...r/man/modest.1 |
Re: Modest Email - is the connection fully encrypted?
Thanks a lot.
I will make a backup, then hopefully generate some output from modest. What would you recommend: Make these experimental changes, or use a different mail client (which)? |
Re: Modest Email - is the connection fully encrypted?
There is claws-mail and mutt (console), but these need work to get it compiled with latest openssl version.
And there is qmfmail and trojita which maybe also need a fix and recompilation for use with latest libqt4-network. I will look into qmfmail. |
Re: Modest Email - is the connection fully encrypted?
Quote:
Modest does work atm, and since my mail provider clearly states that it does not allow unencrypted connections, I have to assume that STARTTLS works (initially unencrypted contact to kick off an encrypted connection). But fully encrypted would be safer. On a side note, would upgrading these packages also somehow improve the browser? The debugging unfortunately did not help much; the dbus method gives very little information. Same for the command line method (with MODEST_DEBUG=debug-code:log-actions:debug-objects:debug-signals). None of it pertaining to connection protocols and such. :( I could show you, but it would be pointless. Back to non-descript error messages and trial & error. |
Re: Modest Email - is the connection fully encrypted?
Quote:
So in the past a fully encrypted connection was possible. So I guess the handshake will fail. Probably you need to update microb-engine to succeed, and the smaller fixes which are in the repository are not enough. So have a look what Jonwil did. Better would be to work on leste to make it useable, instead of working with the nearly dead maemo5. So when you working with qmf it could be also useful for leste, because the mer-core also has qmf which is used by sailfish os. Personally I don't use internet direct on N900 anymore, I am using the N900 as modem or to forward internet to my laptop. E-mail and browsing will be done on the laptop. The N900 is technically not secure, maybe only a bit due to its rareness. |
Re: Modest Email - is the connection fully encrypted?
Quote:
On re-thinking, I consider my E-Mail situation on N900 largely secure (please correct me if you think I'm grossly wrong there). As I said before elsewhere, web browsing is something I ruled out early on for this device. If I can get it to work with SSL and without javascript, good, but it's not a dealmaker or -breaker for me. Quote:
What is this QMF? |
All times are GMT. The time now is 21:54. |
vBulletin® Version 3.8.8