From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 7EF0C15838C for ; Thu, 18 Jan 2024 18:43:21 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0B0A82BC044; Thu, 18 Jan 2024 18:43:10 +0000 (UTC) Received: from insect.birch.relay.mailchannels.net (insect.birch.relay.mailchannels.net [23.83.209.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 4214F2BC03F for ; Thu, 18 Jan 2024 18:43:09 +0000 (UTC) X-Sender-Id: thundermail|x-authsender|confabulate@kintzios.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 3453B503430 for ; Thu, 18 Jan 2024 18:43:08 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1705603387; a=rsa-sha256; cv=none; b=u/x7PcP59tcO9b7S16Y1+EN20WfRE3bLczy4RB/34OYkMq5c8gfQW8N1OxlWuiYZ7tKD4A TCNTD67AvZK1iF3aT6g1L/gWMRx6aeOsZxE9BCZZpbwzluc8N+5GY+fAV0GP4O11hgmCVh jDnA1zHAaqRrzKcRKNGgZzhVIdaO7Sfxv/6XuvBOQgyr8yLSofI0UVXzKtBs6bhzD5Y672 q8WDJJVIrwPWwEZfpT4fphGYVqGfz/qIS3xsznX2v8TR0WqM8VvVzO25H8on/A36/Hmu6r xoIpErtGDc9d7aq0DG2f57cSORyAOzbVnFyKL9/VUIMe82RF17f6UN5RxVi21Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1705603387; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:dkim-signature; bh=v+Q9RLxL5jpfTCSRgTg3cGWGY8fkSWgMLPaDrLDif+E=; b=TGB5ZyPHMiVTTR6Z4NBM8P+L5J2HoE4SfZfAg/KYBYdCAUaSg25wcRd0CXzs+OzH6Eq16O 5gnoCsleiBFbAPU//A6carjdy/Vnnzz3jv8hULp+uqx4zU1ZG3DvuDmWrnWBPF2iSZLbEs fN/6kGRXZcKpGbVACH4kFagPN7pMLujdTnPGGfWCLrNPvjIeBo+AWBIX+a8kdrj8ZNIt+U 63DdepU53yGzRk9KIQRtj6kJ2KuFJlHCnVEWD6UY/ddtd5los0IIYD0kP7ZIu0iWGKiBRa DJhUxbWzKGKIl9ZyElyWPemSyxuDdP7utUskmsc5DTxWaMVgJtAQ3wAr43knxg== ARC-Authentication-Results: i=1; rspamd-568947cb6c-h5q2j; auth=pass smtp.auth=thundermail smtp.mailfrom=confabulate@kintzios.com X-Sender-Id: thundermail|x-authsender|confabulate@kintzios.com X-MC-Relay: Neutral X-MailChannels-SenderId: thundermail|x-authsender|confabulate@kintzios.com X-MailChannels-Auth-Id: thundermail X-Illegal-Lettuce: 3a4b1fb044853839_1705603387808_2455164308 X-MC-Loop-Signature: 1705603387808:1559019643 X-MC-Ingress-Time: 1705603387808 Received: from mailclean11.thundermail.uk (mailclean11.thundermail.uk [149.255.60.66]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.123.135.9 (trex/6.9.2); Thu, 18 Jan 2024 18:43:07 +0000 Received: from cloud220.unlimitedwebhosting.co.uk (cloud220.unlimitedwebhosting.co.uk [149.255.60.183]) by mailclean11.thundermail.uk (Postfix) with ESMTPS id 7538340228 for ; Thu, 18 Jan 2024 18:43:02 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kintzios.com; s=default; t=1705603383; bh=CfJ3cr4C3BcVb1/xwsI4y4GMGcIoDdQjZlljAfZ94LE=; h=From:To:Subject; b=beCSMnrLj+qsdlWbEMbs+B8GpCbm3mGqzYxqz8Kt++aQ7EFPOASOXWbsOpu3JQZtD di3P+qSyz0uzMGdZ2Vapbcft3eGqcVY+6FCTzC2Z18PKOwtJ77By9oAnG+zXyTRKM0 iXwIbUj+s9071k6l5SOcSViXhsydvipTSgMa7AH4= From: Michael To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] [OT] Anyone running mutt outboung smtp on port 587? Date: Thu, 18 Jan 2024 18:42:48 +0000 Message-ID: <2792672.BEx9A2HvPv@rogueboard> In-Reply-To: References: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart15099574.tv2OnDr8pf"; micalg="pgp-sha256"; protocol="application/pgp-signature" X-PPP-Message-ID: <170560338324.4848.17319883592750858351@cloud220.unlimitedwebhosting.co.uk> X-PPP-Vhost: kintzios.com X-Spamd-Result: default: False [-0.61 / 999.00]; SIGNED_PGP(-2.00)[]; SUBJECT_ENDS_QUESTION(1.00)[]; MID_RHS_NOT_FQDN(0.50)[]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; ONCE_RECEIVED(0.10)[]; MX_GOOD(-0.01)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DMARC_POLICY_ALLOW(0.00)[kintzios.com,none]; FROM_HAS_DN(0.00)[]; R_DKIM_ALLOW(0.00)[kintzios.com:s=default]; ARC_NA(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; FUZZY_BLOCKED(0.00)[rspamd.com]; DKIM_TRACE(0.00)[kintzios.com:+]; RCVD_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+,1:+,2:~]; TO_DN_NONE(0.00)[]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MISSING_XM_UA(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[gentoo-user@lists.gentoo.org]; R_SPF_ALLOW(0.00)[+mx]; NEURAL_HAM(-0.00)[-0.958]; ASN(0.00)[asn:34931, ipnet:149.255.60.0/22, country:GB]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[confabulate@kintzios.com] X-Rspamd-Server: mailclean11 X-Rspamd-Action: no action X-Rspamd-Queue-Id: 7538340228 X-Archives-Salt: 5983e643-0111-42f1-9fe3-e3320d4b2634 X-Archives-Hash: 5df6bdf96ab0079cd9af7597c1497bda --nextPart15099574.tv2OnDr8pf Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8"; protected-headers="v1" From: Michael To: gentoo-user@lists.gentoo.org Reply-To: confabulate@kintzios.com Date: Thu, 18 Jan 2024 18:42:48 +0000 Message-ID: <2792672.BEx9A2HvPv@rogueboard> In-Reply-To: MIME-Version: 1.0 On Thursday, 18 January 2024 17:02:44 GMT Walter Dnes wrote: > I haven't been switched over to fibre yet due to config problems, but > I'm trying to test port 587 using your settings. I recompiled mutt > adding USE="debug gnutls". With "mutt -d 2" I get the a lot of debug > output, including the following. To further complicate things, when I > switch back to the old muttrc, I get something about "no From:" I had > to rebuild without gnutls to get it working again. What do the last 2 > lines imply? > > [2024-01-18 11:36:00] Sending message... > [2024-01-18 11:36:00] Looking up smtp.ebox.ca... > [2024-01-18 11:36:00] Connecting to smtp.ebox.ca... > [2024-01-18 11:36:00] Connected to smtp.ebox.ca:587 on fd=4 > [2024-01-18 11:36:00] 4< 220 smtp.ebox.ca ESMTP Postfix (Debian/GNU) > [2024-01-18 11:36:00] 4> EHLO waltdnes.org > [2024-01-18 11:36:00] 4< 250-smtp.ebox.ca > [2024-01-18 11:36:00] 4< 250-PIPELINING > [2024-01-18 11:36:00] 4< 250-SIZE 20000000 > [2024-01-18 11:36:00] 4< 250-VRFY > [2024-01-18 11:36:00] 4< 250-ETRN > [2024-01-18 11:36:00] 4< 250-STARTTLS > [2024-01-18 11:36:00] 4< 250-ENHANCEDSTATUSCODES > [2024-01-18 11:36:00] 4< 250-8BITMIME > [2024-01-18 11:36:00] 4< 250 DSN > [2024-01-18 11:36:00] 4> STARTTLS > [2024-01-18 11:36:00] 4< 220 2.0.0 Ready to start TLS > [2024-01-18 11:36:00] gnutls_handshake: A packet with illegal or unsupported > version was received. > [2024-01-18 11:36:02] Could not negotiate TLS connection The "no From:" complaint could be fixed by specifying in your muttrc: set from = "waltdnes@waltdnes.org" The gnutls error is more cryptic. You'll have to check what certificate is sent by the server to deduce what causes the gnutls message. You can try connecting to the server with the openssl s_client: openssl s_client -connect smtp.ebox.ca\:587 -starttls smtp -showcerts or with gnutls-cli: gnutls-cli --starttls-proto smtp smtp.ebox.ca -p 587 then try to negotiate a connection: ehlo there ... Ctrl+D Gnutls should run starttls and when you enter "Ctrl+D" it will print out what in particular it has a problem with. The openssl attempt will show the certificates and you can check the whole chain, in case you missing a certificate. As long as the CA certificate is in your /etc/ssl/certs/ there shouldn't be a problem. Alternatively, add the server certificate(s) in '~/.mutt/certificates' and specify this path by setting 'set certificate_file' in your muttrc. The first time you try to connect to your server mutt should warn you if there is a mismatch between the server's certificate and your SMTP server domain CN field, or anything else. It will ask you to accept it and allow you to proceed with the connection. --nextPart15099574.tv2OnDr8pf Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEXqhvaVh2ERicA8Ceseqq9sKVZxkFAmWpcSgACgkQseqq9sKV Zxl67Q//RNDPVH9AvrTtEIchPkerToZIxNEpQCZ1l2nmNhS2EVx3Pxw+kVBNVWqE t3FZtAUqu8deSYMicAgsvKjB0VEqauxjtLWzabFaIFahR98Sc1zfwLustma8k8/Q zRjc8RD0dvSqgqbaw8/hGtdoSVrBsPSjM8IG4iRbnVpkCEEhCoqMWRUNTQMPKlGQ PHT6n++jFmpBilhiAeX5nfhRhTYQCe7mQADLPQV8tEdaWAM23xEAjKT9XpDqnjFb BsJr/e3bqEP9iImWbz2/VqogcLbWBzjnMETEHOXkHQma1Kz2kJlBdSj4RV6vOCKE a+DLoUytafWKvI6v6hJ/lB/JImMwsNuH1282mLm+Mu2X/sld79XqS665fp7HW5LP IFd8KgVlActjz8ROWfGTKzea/H53I8r8rqWbEGy4VHzLsIj5y/jnNG06NLxngb8b u+8N0MuvrXBTGPMClNGgOyYPWzYTLzAvYjLGhgfoSF++gAntg6fFyOtq97Mx4YTl e6qoxVaeUdmI3X4HeD3TJz7N+q4cTKFylCfqiEAG7trfKoYbZZFdveT++n46/HsT 6GeXkb1KjVJbRINhv7Bs8V0OF8zijPa+pKA/oG/UEKmSFvd3H09T3b1U/FldaNO4 HF41tTLgm23GUSYdn59i15ZMN48On4fqhzH6RxoZxUF0rHfDHJA= =ar2v -----END PGP SIGNATURE----- --nextPart15099574.tv2OnDr8pf--