SMTPSecureSocket encrypted transfer?

  1. 2 years ago

    Christian S

    28 May 2015 Pre-Release Testers, Xojo Pro Europe (Germany)

    Hi,

    I currently have the problem that for unencrypted SMTP the hotel seems to redirect it to some proxy and filter/reject mails!

    I see with CURL I can go encrypted to my real server and not get through the hotel smtp proxy.

    But as far as I try with SMTPSecureSocket in my application, it seems to always send plain text!

    Did someone get it send encrypted and can tell me the configuration?

  2. Christian S

    28 May 2015 Pre-Release Testers, Xojo Pro Europe (Germany)

    my configuration:

    s.Secure = true s.Port = 587 s.Address = server s.Username = accountName s.Password = password s.Address = "sslout.df.eu" s.CertificateFile = SpecialFolder.Preferences.Child("sslout.df.eu.cer") s.ConnectionType = s.TLSv12 s.Secure = true s.SMTPConnectionMode = SMTPSecureSocket.ModeSTARTTLS


    I clearly only want encrypted transfer and never unencrypted. And if the certificate does not match mine, I want an error and not fall back to plain text.

    PS: Or do I have to use my plugin to get it secure?

  3. Christian S

    28 May 2015 Pre-Release Testers, Xojo Pro Europe (Germany)

    I overwrote write method to stop it in case it authenticates without security:

    Sub write(Data As String)
      if data.left(4) = "AUTH" and not me.Secure then
        Break
        me.close
        Return
      end if
      
      super.Write data
    End Sub
  4. Christian S

    29 May 2015 Pre-Release Testers, Xojo Pro Europe (Germany)

    No one?
    I just switched an app to use MBS CURL Plugin.

  5. Christian S

    29 May 2015 Pre-Release Testers, Xojo Pro Europe (Germany)

    Code is like this with CURL Plugin:

    dim email as new CURLEmailMBS email.SetFrom "test@test.test", "Christian Schmitz" email.AddBCC "test@test.test", "Christian Schmitz" for each emailText as string in emails email.AddTo emailText, AnName.Text next email.SMTPUsername = c.Username email.SMTPServer = c.Address email.SMTPPassword = c.Password email.Subject = Betreff.Text email.PlainText = ConvertEncoding(Inhalt.Text, encodings.UTF8) gotServerError = false curl = new CURLSMBS if curl.SetupEmail(email) then // ok else dim ee as integer = curl.Lasterror Break // problem? end if curl.OptionPort = c.Port curl.OptionSSLVerifyHost = 2 curl.OptionSSLVerifyPeer = 1 curl.OptionCAInfo = c.CertificateFile.NativePath curl.YieldTime = true curl.OptionVerbose = true curl.CollectOutputData = true curl.CollectDebugData = true curl.OptionFTPSSL = curl.kFTPSSL_ALL curl.OptionSSLVersion = curl.kSSLVersionTLSv12 // curl.Perform follows...

    This does uses TLSv1.2 / DHE-RSA-AES256-GCM-SHA384 for me.
    And it accepts only the right certificates and not a fake one based on some other root certificate.

  6. Christian S

    29 May 2015 Pre-Release Testers, Xojo Pro Europe (Germany)

    see also Feedback case 39516.

  7. Markus W

    30 May 2015 #JeSuisHuman Europe (Germany)...

    WHAT???

    I'd really like Xojo to respond to this.

    Btw I would recommend you change the title to "Transfers with SMTPSecureSocket NOT encrypted!"

  8. John A

    30 May 2015 Pre-Release Testers, Xojo Pro Las Vegas, Nevada

    Looks like SMTPSecureSocket is falling back to insecure if it doesn't get a certificate, when it should abort with an error.

    --------------------------
    I've seen many hotel WiFi systems divert email on port 25 to an internal server that masquerades the mail server, then forwards the email.

    I found out by accident only because I have SPF set up for my mail server and the hotel's IP got bounced as 'not authorized to send email for this domain'

    I immediately set up my server with a certificate and set Thunderbird and such to ONLY connect via Secure on port 495 for outgoing mail.

  9. Hal G

    1 Jun 2015 Pre-Release Testers, Xojo Pro Orlando, FL

    This is really scary!

  10. Christian S

    1 Jun 2015 Pre-Release Testers, Xojo Pro Europe (Germany)

    I'm more scared by the reaction of Xojo people. The bug case is not even reviewed, no reply and not much response in general.
    Seems like nobody is using it?

  11. Markus W

    5 Jun 2015 #JeSuisHuman Europe (Germany)...

    hello? Xojo anyone?

  12. Roberto C

    19 Jun 2015 Pre-Release Testers, Xojo Pro Europe (Milan, Italy)

    YES! hello? Xojo anyone?

  13. Markus W

    19 Jun 2015 #JeSuisHuman Europe (Germany)...

    The silence is deafening. Maybe we should post this question somewhere else?

  14. shao s

    is not verified 19 Jun 2015 Sudbury, Ontario, Canada

    Maybe the NSA won't let them reply to it? ;P

  15. Markus W

    19 Jun 2015 #JeSuisHuman Europe (Germany)...

    In that case: Hello? NSA anyone?

  16. Deleted 2 years ago by Albin K
  17. David C

    19 Jun 2015 Pre-Release Testers, Xojo Pro Derby, ITM

    The canary is dead.

  18. Beatrix W

    19 Jun 2015 Pre-Release Testers Europe (Germany)

    Yeah, seems so. The Feedback case still is in "Needs review".

  19. Dirk C

    19 Jun 2015 Pre-Release Testers, Xojo Pro Galactic Sector ZZ9 Plural Z A...

    I just assigned my top 1 feedback position to this case
    Feedback Case #39516
    If we want them to look at it, we probably should add it to our list of important stuff.
    it's now ranked 155th.
    Before I assigned my points it wasn't ranked.
    Remember that feedback is the official support channel, and not this place

  20. Hal G

    19 Jun 2015 Pre-Release Testers, Xojo Pro Orlando, FL
    Edited 2 years ago by Hal G

    I made it my #1 feedback position too. Now Rank is now 55.

    We should start working together on this type of stuff. We should all pick one thing that most of us need to push it to the top. Eventually all our problems would go away. :)

  21. Newer ›

or Sign Up to reply!