Active Topics
-
Firefox with Leste (10)
to Maemo 7 / Leste by teroyk - 3 days ago - more...
Malakai |
2014-10-27
, 21:21
|
|
Posts: 175 |
Thanked: 210 times |
Joined on Mar 2013
|
#11
|
Will try to see if this is the problem, but frankly I doubt it is.
| The Following User Says Thank You to Malakai For This Useful Post: | ||
 |
|
2014-10-27
, 21:33
|
|
Posts: 4,118 |
Thanked: 8,901 times |
Joined on Aug 2010
@ Ruhrgebiet, Germany
|
#12
|
I am pretty sure.
Else it may be a certificate problem, which I could exclude in my case.
Try
openssl s_client -connect imap.domain.net:993
or
openssl s_client -connect imap.domain.net:993 -ssl3
(should or better may fail)
openssl s_client -connect imap.domain.net:993 -tls1
(should work)
Else it may be a certificate problem, which I could exclude in my case.
Try
openssl s_client -connect imap.domain.net:993
or
openssl s_client -connect imap.domain.net:993 -ssl3
(should or better may fail)
openssl s_client -connect imap.domain.net:993 -tls1
(should work)
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
|
|
2014-10-28
, 08:59
|
|
Posts: 1,808 |
Thanked: 4,272 times |
Joined on Feb 2011
@ Germany
|
#13
|
Originally Posted by peterleinchen
I hope it tries TLS first (1.2, 1.1, 1.0) *and then* SSL.
A port is just a port.
Thunderbird will try TLS after SSL failed.
Re. "a port is just a port". STARTTLS is not just TLS over port 143. It is actually normal IMAP on 143 and then (when already "inside") switching to an encrypted channel (via TLS).
So you could not just hack Modest to to STARTTLS on 993 and hope it will work. (in case this was somehow implicitly being suggested).
I guess Fremantle is slowly becoming obsolete..
|
|
2014-10-28
, 21:06
|
|
Posts: 175 |
Thanked: 210 times |
Joined on Mar 2013
|
#14
|
Originally Posted by peterleinchen
So, when I execute openssl s_client -connect imap.domain.net:993 -ssl3, I get :
I am pretty sure.
Else it may be a certificate problem, which I could exclude in my case.
Try
openssl s_client -connect imap.domain.net:993
or
openssl s_client -connect imap.domain.net:993 -ssl3
(should or better may fail)
openssl s_client -connect imap.domain.net:993 -tls1
(should work)
Code:
CONNECTED(00000003) 17589:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1099:SSL alert number 40 17589:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:536:
Code:
OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
But now how to use my account in modest? Should I put "Normal (TLS)". Will it be secured that way? In the configuration page of my hosting provider I have some settings :
Code:
SSL / TLS (Recommended)
User name : adress@domain.net
Password : your password
Server in : hosting24.hostway.net
IMAP Port: 993
POP3 Port: 995
Server out : hosting24.hostway.net
SMTP Port: 465
The authentication is required for IMAP, POP3 and SMTP.
Code:
Non-SSL Settings (Not recommended)
User name : adress@domain.net
Password : your password
Server in : mail.domain.net
IMAP Port: 143
POP3 Port: 110
Server out : mail.domain.net
SMTP Port: 587
The authentication is required for IMAP, POP3 and SMTP.
How to configure modest knowing those informations to have a secure connection to my mail accounts?
| The Following User Says Thank You to Malakai For This Useful Post: | ||
|
|
2014-10-28
, 21:14
|
|
Posts: 4,118 |
Thanked: 8,901 times |
Joined on Aug 2010
@ Ruhrgebiet, Germany
|
#15
|
Damn. 
Looks like you are doomed, too.
Try TLS on 143 for incoming
and TLS 587 on outgoing.
This should be safe (if working).
But one thing I did never understand about STARTTLS (which is used as setting "Normal (TLS)") is when it connects normally and only after connection established switches to TLS how do I know that I have a secured connection and not a normal one?
So take above 'secure' with a grain of salt!
t-online does not provide port 143, even more
Last edited by peterleinchen; 2014-10-28 at 21:18.
Looks like you are doomed, too.
Try TLS on 143 for incoming
and TLS 587 on outgoing.
This should be safe (if working).
But one thing I did never understand about STARTTLS (which is used as setting "Normal (TLS)") is when it connects normally and only after connection established switches to TLS how do I know that I have a secured connection and not a normal one?
So take above 'secure' with a grain of salt!
t-online does not provide port 143, even more
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
Last edited by peterleinchen; 2014-10-28 at 21:18.
|
|
2014-10-28
, 21:23
|
|
Posts: 175 |
Thanked: 210 times |
Joined on Mar 2013
|
#16
|
Thanks for the suggestion, will try and post feedback.
But if it connects normally this means that my username and password goes without encryption, so how does this help me if afterwards the connection gets encrypted, knowing that somebody sniffing the network would get my credentials. This in addition to what you said.
But one thing I did never understand about STARTTLS (which is used as setting "Normal (TLS)") is when it connects normally and only after connection established switches to TLS how do I know that I have a secured connection and not a normal one?
| The Following User Says Thank You to Malakai For This Useful Post: | ||
|
|
2014-10-28
, 21:37
|
|
Posts: 4,118 |
Thanked: 8,901 times |
Joined on Aug 2010
@ Ruhrgebiet, Germany
|
#17
|
That is what the tick marker 'Secure Authentication' is for?
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
| The Following User Says Thank You to peterleinchen For This Useful Post: | ||
|
|
2014-10-28
, 21:45
|
|
Posts: 4,118 |
Thanked: 8,901 times |
Joined on Aug 2010
@ Ruhrgebiet, Germany
|
#18
|
And I do not believe we will be succesful with our modest STARTTLS anymore, as this implies a connection request without securing.
And the German providers started a campaign about secure mails in April about that, so I guess they will also not support STARTTLS anymore. Will ask in the German forum.telekom.de but do not believe they will do so for a handful of guys/nerds/fanatics.
So is my last hope is freemangordon but he is overwhelmed at the moment. So this might take some time.
--
uh, wait. Quoting myself
But that is exactly what I use for securesmtp.t-online.de:587 (with TLS). And I can send mails. So maybe asking for port 143 ...
Last edited by peterleinchen; 2014-10-28 at 21:50.
And the German providers started a campaign about secure mails in April about that, so I guess they will also not support STARTTLS anymore. Will ask in the German forum.telekom.de but do not believe they will do so for a handful of guys/nerds/fanatics.
So is my last hope is freemangordon but he is overwhelmed at the moment. So this might take some time.
--
uh, wait. Quoting myself
so I guess they will also not support STARTTLS anymore
__________________
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
SIM-Switcher, automated SIM switching with a Double (Dual) SIM adapter
--
Thank you all for voting me into the Community Council 2014-2016!
Please consider your membership / supporting Maemo e.V. and help to spread this by following/copying this link to your TMO signature:
[MC eV] Maemo Community eV membership application, http://talk.maemo.org/showthread.php?t=94257
editsignature, http://talk.maemo.org/profile.php?do=editsignature
Last edited by peterleinchen; 2014-10-28 at 21:50.
| The Following User Says Thank You to peterleinchen For This Useful Post: | ||
|
|
2014-10-28
, 21:52
|
|
Posts: 2,076 |
Thanked: 3,268 times |
Joined on Feb 2011
|
#19
|
Originally Posted by reinob
Slowly? Sadly even latest compilations of cli only programs for rpi fail on n900(frozen depths is a good example, too new glibc etc), without upgrading the whole stack... yeah, with hwkb jolla does seem like the true successor n950 could have been, sorry for OT
I hope it tries TLS first (1.2, 1.1, 1.0) *and then* SSL.
Re. "a port is just a port". STARTTLS is not just TLS over port 143. It is actually normal IMAP on 143 and then (when already "inside") switching to an encrypted channel (via TLS).
So you could not just hack Modest to to STARTTLS on 993 and hope it will work. (in case this was somehow implicitly being suggested).
I guess Fremantle is slowly becoming obsolete..
| The Following User Says Thank You to szopin For This Useful Post: | ||
|
|
2014-10-28
, 23:04
|
|
Posts: 203 |
Thanked: 445 times |
Joined on Mar 2010
|
#20
|
STARTTLS does TLS before sending credentials. That's the point. 
"Secure Authentication" probably is something like CRAM-MD5 or, ie. credentials are not sent in the clear (but not necessarily 'secure' by today's standards either) even if STARTTLS isn't supported.
Malakai: Have you tried "Normal (TLS)", ie. STARTTLS on port 143 (plus "Secure Authentication")?
Last edited by foobar; 2014-10-29 at 00:56.
"Secure Authentication" probably is something like CRAM-MD5 or, ie. credentials are not sent in the clear (but not necessarily 'secure' by today's standards either) even if STARTTLS isn't supported.
Malakai: Have you tried "Normal (TLS)", ie. STARTTLS on port 143 (plus "Secure Authentication")?
Last edited by foobar; 2014-10-29 at 00:56.
| The Following 5 Users Say Thank You to foobar For This Useful Post: | ||
 |
| Tags |
| email, modest, send receive |
«
Previous Thread
|
Next Thread
»
|
All times are GMT. The time now is 13:04.