Next: sendmail gnutls delay, Up: sendmail gnutls [Contents][Index]
We use as example the server relay.poste.it
, port 465
. You have to have an account
there to use it; do not bomb this server with fake connections. This server requests us to build
the encrypted bridge immediately after the connection has been established, without waiting for any
line of greetings from the server.
So, we start the connector like this:
$ gnutls-cli --port 465 relay.poste.it
if the connection succeeds: gnutls-cli
prints a lot of message lines on its standard
output explaining what is going on; at last comes the line of greetings from the server, which
begins with code 220
.
The server supports the AUTH LOGIN
authentication mechanism, which requires the base64
encoding of the user name and password; we can perform it with the external program base64
(which comes with GNU Coreutils) like this:
ENCODED_USERNAME=$(echo -n 'the-user-name' | base64) ENCODED_PASSWORD=$(echo -n 'the-pass-word' | base64)
GNU Emacs users can do it with:
(setq my-usr (base64-encode-string "the-user-name")) (setq my-pwd (base64-encode-string "the-pass-word"))
The authentication dialogue goes like this:
AUTH LOGIN
, to start the authentication.
334 VXNlcm5hbWU6
which is the request for the username. The string
VXNlcm5hbWU6
is the base64 encoding of the string Username:
(without trailing
newline); we can verify this with:
$ echo -n Username: | base64
or in the Emacs’ scratch buffer:
(base64-encode-string "Username:")
334 UGFzc3dvcmQ6
(this
should happen even if the username is unknown to the server). The string UGFzc3dvcmQ6
is the
base64 encoding of the string Password:
(without ending newline); we can verify this with:
$ echo -n Password: | base64
or in the Emacs’ scratch buffer:
(base64-encode-string "Password:")
235
.
Beware that if we are not quick to send the encoded password after the encoded user name, the server may reset the authentication process as if we sent a wrong user name.
So we can do the SMTP dialogue reported below by hand (which is an edited log of a session under
Emacs’ eshell); lines starting with recv>
are the ones received from the server, lines
starting with send>
are the ones we send to the server, the ellipses ...
are
replacements for server text we are not interested in.
$ gnutls-cli --crlf --port 465 relay.poste.it recv> 220 ... ESMTP Service ... send> ehlo localhost.localdomain recv> 250-... recv> 250-DSN recv> 250-8BITMIME recv> 250-PIPELINING recv> 250-HELP recv> 250-AUTH=LOGIN recv> 250-AUTH LOGIN CRAM-MD5 DIGEST-MD5 PLAIN recv> 250-DELIVERBY 300 recv> 250 SIZE send> auth login recv> 334 VXNlcm5hbWU6 send> <the-base64-username> recv> 334 UGFzc3dvcmQ6 send> <the-base64-password> recv> 235 login authentication successful send> mail from:<from-address@poste.it> recv> 250 MAIL FROM:<from-address@poste.it> OK send> rcpt to:<to-address@other-host.it> recv> 250 RCPT TO:<to-address@other-host.it> OK send> data recv> 354 Start mail input; end with <CRLF>.<CRLF> send> From: <from-address@poste.it> send> To: <to-address@other-host.it> send> Subject: interactive attempt send> send> Text for interactive attempt. send> -- send> Marco send> . recv> 250 ... Mail accepted send> quit recv> 221 ... QUIT recv> - Peer has closed the GNUTLS connection
Next: sendmail gnutls delay, Up: sendmail gnutls [Contents][Index]