From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 9A72B15838C for ; Sun, 21 Jan 2024 16:09:43 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 96212E29A5; Sun, 21 Jan 2024 16:09:37 +0000 (UTC) Received: from barracuda.ebox.ca (barracuda.ebox.ca [96.127.255.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 28DE3E29A0 for ; Sun, 21 Jan 2024 16:09:37 +0000 (UTC) X-ASG-Debug-ID: 1705853375-0c856e713e18374c0001-LfjuLa Received: from smtp.ebox.ca (smtp.ebox.ca [96.127.255.82]) by barracuda.ebox.ca with ESMTP id ryCcpPENuiJFpNYA (version=TLSv1 cipher=AES128-SHA bits=128 verify=NO) for ; Sun, 21 Jan 2024 11:09:35 -0500 (EST) X-Barracuda-Envelope-From: waltdnes@waltdnes.org X-Barracuda-RBL-Trusted-Forwarder: 96.127.255.82 Received: from waltdnes.org (unknown [198.58.217.37]) by smtp.ebox.ca (Postfix) with SMTP id A3E58441B21 for ; Sun, 21 Jan 2024 11:09:34 -0500 (EST) Received: by waltdnes.org (sSMTP sendmail emulation); Sun, 21 Jan 2024 11:09:47 -0500 X-Barracuda-RBL-IP: 198.58.217.37 X-Barracuda-Effective-Source-IP: 198-58-217-37.on.cable.ebox.net[198.58.217.37] X-Barracuda-Apparent-Source-IP: 198.58.217.37 Date: Sun, 21 Jan 2024 11:09:47 -0500 From: Walter Dnes To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] [OT] Anyone running mutt outboung smtp on port 587? Message-ID: X-ASG-Orig-Subj: Re: [gentoo-user] [OT] Anyone running mutt outboung smtp on port 587? References: <2792672.BEx9A2HvPv@rogueboard> <4324200.ejJDZkT8p0@rogueboard> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="/MqwxCekOQrr/ZoO" Content-Disposition: inline In-Reply-To: <4324200.ejJDZkT8p0@rogueboard> X-Barracuda-Connect: smtp.ebox.ca[96.127.255.82] X-Barracuda-Start-Time: 1705853375 X-Barracuda-Encrypted: AES128-SHA X-Barracuda-URL: https://96.127.255.19:443/cgi-mod/mark.cgi X-Barracuda-BRTS-Status: 1 X-Virus-Scanned: by bsmtpd at ebox.ca X-Barracuda-Scan-Msg-Size: 1830 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=5.0 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.119743 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- X-Archives-Salt: b4138767-b70e-473b-bdda-bb9c429ffd8a X-Archives-Hash: 963e2c8175b12177322f042805a1c442 --/MqwxCekOQrr/ZoO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Sun, Jan 21, 2024 at 12:05:45PM +0000, Michael wrote > > Anyway, to take you forward you can: > > 1. Keyword the latest gnutls package in case the gnutls verification criteria > have been loosened. > > 2. Copy the Root CA into the users ~/ and point muttrc to it: > > set certificate_file = "~/.mutt/certificates" > > 3. If everything else fails, having verified yourself the server's > Root CA and child certificates are all legit you can set: > > unset ssl_verify_host > > Obviously this would not be satisfactory from a security perspective. Nothing above works, and I wonder if it's something at my end. I keep getting the same message... > gnutls_handshake: A packet with illegal or unsupported version was received. The current net-libs/gnutls-3.8.0 ebuild (and 3.8.1 and 3.8.2) has sslv2 and sslv3 enabled in IUSE ...but... "emerge -pv gnutls" shows them hard-masked. Is my system forcing sslv1 and the server rejecting me??? [ebuild R ] net-libs/gnutls-3.8.0:0/30.30::gentoo USE="cxx idn nls openssl seccomp tls-heartbeat tools zlib -brotli -dane -doc -examples -pkcs11 (-sslv2) (-sslv3) -static-libs -test (-test-full) -verify-sig -zstd" 0 KiB Do you get the same? Do I have to set something in... make menuconfig -*- Cryptographic API ---> "emerge -pv mutt" [ebuild R ] mail-client/mutt-2.2.12::gentoo USE="debug gnutls gpgme hcache imap lmdb mbox nls pop sasl smtp ssl -autocrypt -berkdb -doc -gdbm -gsasl -idn -kerberos -pgp-classic (-prefix) -qdbm (-selinux) -slang -smime-classic -tokyocabinet -vanilla" 0 KiB I copied certificates from x.txt to .mutt/certificates (see attachment). Is this correct? And how do I securely pass credentials? -- Roses are red Roses are blue Depending on their velocity Relative to you --/MqwxCekOQrr/ZoO Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=certificates -----BEGIN CERTIFICATE----- MIIGgDCCBWigAwIBAgIIQdcTd20TTxAwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz LmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1 cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMjMwOTI2MDEwMDI1WhcN MjQxMDI3MDEwMDI1WjAUMRIwEAYDVQQDDAkqLmVib3guY2EwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQC1kgJlaAqSUNfZd2jPfxSlH0HTzvFV344iJdd3 zf01XwSySxtAKB3bwrmxfq0ppmVU4CTlj1IOTaY7uA3Fpy5V0CAE38HOpT/xsv1n 7ZXAm7jVA8UOJbFMtCwCtLArhEeGZS8ssrO51uzZquj6O2zCQeoG7cYqeQTh0Z3X x1DmsdP5Tvyot82p3SKiCoFurk/ZIMXeDbG3K+Vxw+wiFgmYYl1rBAOJpyqxIwuX NFlkNCU2K7M2LqohyO10FI/RJOn0hwuY+t7a6kZbNKLGWuuUXg29Y9TrqUXAa5yN mmJtTD6UsHfGKPZN5n1GlqgNSUDlxLKBedA7gTzHQKh+BYBhAgMBAAGjggMzMIID LzAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAO BgNVHQ8BAf8EBAMCBaAwOAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL2NybC5nb2Rh ZGR5LmNvbS9nZGlnMnMxLTk0MDUuY3JsMF0GA1UdIARWMFQwSAYLYIZIAYb9bQEH FwEwOTA3BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNv bS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUF BzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0dHA6 Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5jcnQw HwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wHQYDVR0RBBYwFIIJKi5l Ym94LmNhggdlYm94LmNhMB0GA1UdDgQWBBQKTRI2+yZaO2QIMLlRwVy3A5EslTCC AX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUA7s3QZNXbGs7FXLedtM0TojKHRny8 7N7DUUhZRnEftZsAAAGKzwBtGQAABAMARjBEAiB+c8AeqWVcH6tLIN3K+jxvyrcS bezMfVwxregY56O9uwIgfdjEFhw0w7dvv6O7kyrYFLXd1KmLtZZUBkg/pSr72ScA dgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYrPAG3/AAAEAwBH MEUCIGniWz36pvx9BThv4yxeEqoAk1pEqJz9vggQfm1nsABKAiEA4DE0bNlpa90J JBpJk+ane6GP3Ycu0zG/kfjPRKGWaT4AdwDatr9rP7W2Ip+bwrtca+hwkXFsu1GE hTS9pD0wSNf7qwAAAYrPAG55AAAEAwBIMEYCIQCnqbkMcFiLX1Gc9EHlyo4Rm/T7 pCmjJV1ylgVQhk5tMQIhALGmRhmJmH77RRh0+CBKX+MZ6EtKBnci+j6jGHus7Xj4 MA0GCSqGSIb3DQEBCwUAA4IBAQBK852eVZVAZmuKFg/37ywvp1p3Otq1Iy6093pR QEoKUN5OVxLcAYJTcQSrGMZdytVNGuOe9F3mm2tP4NxOT32ERyowAFx3DOIFIJRP 6XDO9V2tUgoJ4hxMdNnzoAcnXh/naTLtWD29OpjEzsMYjFQuaeeKXa0Nk4/1bUhm Nugmmm3z2DLOumVKILzi/uZLDYdrO4vOkIxXLgBdHZFV+6ZZVR26bffvS3q3owRG 8d/eXulLowCoblX8PbNBedRVll18+t2j/FzVD7N7L7qF5076/LODbfk6fRHEXN/w 65NjrQ1RiRekUHXMjFrlTraSIEWQOAaGaDCOmcOyjcjfuk7/ -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3 MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UE CxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQD EypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzD BNliF44v/z5lz4/OYuY8UhzaFkVLVat4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOv K/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23e cSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HY pDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7n eTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMB AAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV HQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv 9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v b2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5n b2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEG CCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkv MA0GCSqGSIb3DQEBCwUAA4IBAQAIfmyTEMg4uJapkEv/oV9PBO9sPpyIBslQj6Zz 91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2 RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11 GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT MSEwHwYDVQQKExhUaGUgR28gRGFkZHkgR3JvdXAsIEluYy4xMTAvBgNVBAsTKEdv IERhZGR5IENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMTAx MDcwMDAwWhcNMzEwNTMwMDcwMDAwWjCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHku Y29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1 dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3Fi CPH6WTT3G8kYo/eASVjpIoMTpsUgQwE7hPHmhUmfJ+r2hBtOoLTbcJjHMgGxBT4H Tu70+k8vWTAi56sZVmvigAf88xZ1gDlRe+X5NbZ0TqmNghPktj+pA4P6or6KFWp/ 3gvDthkUBcrqw6gElDtGfDIN8wBmIsiNaW02jBEYt9OyHGC0OPoCjM7T3UYH3go+ 6118yHz7sCtTpJJiaVElBWEaRIGMLKlDliPfrDqBmg4pxRyp6V0etp6eMAo5zvGI gPtLXcwy7IViQyU0AlYnAZG0O3AqP26x6JyIAX2f1PnbU21gnb8s51iruF9G/M7E GwM8CetJMVxpRrPgRwIDAQABo4IBFzCCARMwDwYDVR0TAQH/BAUwAwEB/zAOBgNV HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9BUFuIMGU2g/eMB8GA1Ud IwQYMBaAFNLEsNKR1EwRcbNhyz2h/t2oatTjMDQGCCsGAQUFBwEBBCgwJjAkBggr BgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20vMDIGA1UdHwQrMCkwJ6Al oCOGIWh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2Ryb290LmNybDBGBgNVHSAEPzA9 MDsGBFUdIAAwMzAxBggrBgEFBQcCARYlaHR0cHM6Ly9jZXJ0cy5nb2RhZGR5LmNv bS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAWQtTvZKGEacke+1bMc8d H2xwxbhuvk679r6XUOEwf7ooXGKUwuN+M/f7QnaF25UcjCJYdQkMiGVnOQoWCcWg OJekxSOTP7QYpgEGRJHjp2kntFolfzq3Ms3dhP8qOCkzpN1nsoX+oYggHFCJyNwq 9kIDN0zmiN/VryTyscPfzLXs4Jlet0lUIDyUGAzHHFIYSaRt4bNYC8nY7NmuHDKO KHAN4v6mF56ED71XcLNa6R+ghlO773z/aQvgSMO3kwvIClTErF0UZzdsyqUvMQg3 qm5vjLyb4lddJIGvl5echK1srDdMZvNhkREg5L4wn3qkKQmw4TRfZHcYQFHfjDCm rw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEh MB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBE YWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3 MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRo ZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3Mg MiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggEN ADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCA PVYYYwhv2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6w wdhFJ2+qN1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXi EqITLdiOr18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMY avx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+ YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0OBBYEFNLE sNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h /t2oatTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5 IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD ggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wimPQoZ+YeAEW5p5JYXMP80kWNy OO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKtI3lpjbi2Tc7P TMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mER dEr/VxqHD3VILs9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5Cuf ReYNnyicsbkqWletNw+vHX/bvZ8= -----END CERTIFICATE----- --/MqwxCekOQrr/ZoO--