We have plain text authentication, we have simple HELO- based login. Now we need to get serious and:
....
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM LOGIN
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-XEXCH50
250 XRDST
auth login
334 VXNlcm5hbWU6
c3lhbmc=
334 UGFzc3dvcmQ6
...
Has any one tackled this yet?
Thanks!
Chris
Has anyone developed encrypted SMTP login for EMAIL?
-
Chris Ruff
- Posts: 222
- Joined: Thu Apr 24, 2008 4:09 pm
- Location: topsail island, nc
- Contact:
Has anyone developed encrypted SMTP login for EMAIL?
Real Programmers don't comment their code. If it was hard to write, it should be hard to understand
Re: Has anyone developed encrypted SMTP login for EMAIL?
Hi Chris,
TLS authentication is currently on the NetBurner list of "possible future features". We have not thoroughly researched this so I am unsure of the amount of work required to implement it. I do know that this will require the NetBurner SSL package.
A few weeks ago I developed a method of sending mail to "most" TLS mail servers without requiring any secure login. This new mail feature does not even require an SMTP server. All that is required is the destination email address and a valid DNS server. You can look at the following post for the details:
http://forum.embeddedethernet.com/viewt ... hilit=mail
If this will work for you then let me know and I can send you a copy of the modified system files and an example for testing. This will be in the next beta but there is no current time frame for that release.
-Larry
TLS authentication is currently on the NetBurner list of "possible future features". We have not thoroughly researched this so I am unsure of the amount of work required to implement it. I do know that this will require the NetBurner SSL package.
A few weeks ago I developed a method of sending mail to "most" TLS mail servers without requiring any secure login. This new mail feature does not even require an SMTP server. All that is required is the destination email address and a valid DNS server. You can look at the following post for the details:
http://forum.embeddedethernet.com/viewt ... hilit=mail
If this will work for you then let me know and I can send you a copy of the modified system files and an example for testing. This will be in the next beta but there is no current time frame for that release.
-Larry
-
Chris Ruff
- Posts: 222
- Joined: Thu Apr 24, 2008 4:09 pm
- Location: topsail island, nc
- Contact:
Re: Has anyone developed encrypted SMTP login for EMAIL?
Larry:
I am interested in the work you have done.
It appears that an email source (SMTP server) needs to be "qualified" socially. So the best solution is to still authenticate with a 'known' SMTP server and have it relay your mail for you.
Does anyone on the list know what the handshaking is between the mail client and the SMTP server? How does encryption help if all one needs is the ability to encrypt/decrypt?
Is there a secret key/ public key scenario?
Is there a "well-known" key that honest people know and spammers are not supposed to know?
Is it simply a way to mask the user name/ password? And if so why can't just any packet receiver decrypt the exchange and extract the name/password.
Does anybody know this before I spend the hours with the RFCs?
Larry, I am interested in your code work so far, can you forward it?
Thanks!
Chris
I am interested in the work you have done.
It appears that an email source (SMTP server) needs to be "qualified" socially. So the best solution is to still authenticate with a 'known' SMTP server and have it relay your mail for you.
Does anyone on the list know what the handshaking is between the mail client and the SMTP server? How does encryption help if all one needs is the ability to encrypt/decrypt?
Is there a secret key/ public key scenario?
Is there a "well-known" key that honest people know and spammers are not supposed to know?
Is it simply a way to mask the user name/ password? And if so why can't just any packet receiver decrypt the exchange and extract the name/password.
Does anybody know this before I spend the hours with the RFCs?
Larry, I am interested in your code work so far, can you forward it?
Thanks!
Chris
Real Programmers don't comment their code. If it was hard to write, it should be hard to understand