Article <87wmhd7b5l.fsf@miraculix.mork.no>

Deutsch English Français Italiano
<87wmhd7b5l.fsf@miraculix.mork.no>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!eternal-september.org!feeder2.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: =?utf-8?Q?Bj=C3=B8rn_Mork?= <bjorn@mork.no>
Newsgroups: comp.mail.sendmail
Subject: Re: sendmail AUTH
Date: Fri, 08 Nov 2024 20:55:50 +0100
Organization: m
Lines: 44
Message-ID: <87wmhd7b5l.fsf@miraculix.mork.no>
References: <875xoy7jau.fsf@jemoni.to> <anfi+xghsks9vvf-ob85@wp.eu>
	<87ed3m575r.fsf@jemoni.to> <vglbcv$38n6p$2@dont-email.me>
	<87ttchzi0e.fsf@jemoni.to>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 08 Nov 2024 20:55:50 +0100 (CET)
Injection-Info: dont-email.me; posting-host="3f0f258a45bed8f5d26e39c3d6299cc2";
	logging-data="3506523"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18wvr2CmVc1Zabmd+kqsbdY"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
Cancel-Lock: sha1:7cFxYfImMV0ql41dxgQwLgTXcy0=
	sha1:TQYnzhs60LXY8kLlzMS5V54jJ1k=
Bytes: 2306

Wolfgang Agnes <wagnes@jemoni.to> writes:

> Thanks!  I don't know how to investigate it further after I type
> STARTTLS.  I believe that after I issue STARTTLS, I'd have to speak the
> TLS protocol, which I don't know how.

You can have openssl connect and issue the STARTTLS, and then continue
with TLS.  Like so:

bjorn@miraculix:~$ openssl s_client -connect canardo:25 -starttls smtp -quiet
Can't use SSL_get_servername
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R11
verify return:1
depth=0 CN = canardo.mork.no
verify return:1
250 HELP
ehlo du
250-canardo.dyn.mork.no Hello [IPv6:2a01:799:10de:2e0a:149a:2079:3a3a:3457], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH PLAIN LOGIN
250-DELIVERBY
250 HELP
quit
221 2.0.0 canardo.dyn.mork.no closing connection


Drop the "-quiet" option to get more details about the TLS negotiation,
or add other options.  You can also send client certificate if you want,
using -key and -cert. And there are plenty of other options as usual
with openssl :-)

See the openssl s_client manual page for more details.


Bjørn