help-gnu-emacs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

smtpmail: accept untrusted certificates?


From: Stephen Berman
Subject: smtpmail: accept untrusted certificates?
Date: Thu, 29 Jan 2009 10:14:26 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.60 (gnu/linux)

--- Begin Message ---
<#multipart type=mixed>
<#part type=text/plain nofile=yes>
I have been using the following (partly anonymized) to send email from
one of my accounts:
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="==-=-="

(defun srb-rub-smtp-send-mail-setup ()
  ""
  (interactive)
  (makunbound 'message-send-mail-function)
  (makunbound 'smtpmail-default-smtp-server)
  (makunbound 'smtpmail-auth-credentials)
  (setq message-send-mail-function 'smtpmail-send-it
        smtpmail-default-smtp-server "mail.rub.de"
        smtpmail-smtp-service 587
        user-mail-address "xyz@rub.de"
        smtpmail-auth-credentials
        '(("mail.rub.de" 587 "username" "password"))
        smtpmail-starttls-credentials
        '(("mail.rub.de" 587 nil nil))))

Note that no certificate and key files are specified for
smtpmail-starttls-credentials.  This code has worked fine until
recently.  Now when I use it no mail is sent and I get the following in
*Messages*:

<#part type=text/plain disposition=inline nofile=yes description="SMTP process 
output">
Sending via mail...
Opening STARTTLS connection to `mail.rub.de:587'...done
STARTTLS negotiation failed: 
250 8BITMIME

STARTTLS

220 ready for tls

*** Starting TLS handshake
- Ephemeral Diffie-Hellman parameters
 - Using prime: 1032 bits
 - Secret key: 1013 bits
 - Peer's public key: 1024 bits
- Certificate type: X.509
 - Got a certificate list of 4 certificates.

--==-=-=

 - Certificate[0] info:
 # The hostname in the certificate does NOT match 'mail.rub.de'.

smtpmail-send-command: Process SMTP not running

--==-=-=


The SMTP session trace is:


--==-=-=
Content-Disposition: inline
Content-Description: SMTP session trace


Process SMTP exited abnormally with code 1
220 mail.ruhr-uni-bochum.de NO UCE C=DE ESMTP

EHLO escher.local.home

250-mail.ruhr-uni-bochum.de NO UCE C=DE

250-STARTTLS

250-AUTH LOGIN PLAIN

250-PIPELINING
EHLO escher.local.home

QUIT


--==-=-=


When I opened this email account with Kmail (the KDE mail program), it
told me the certificate is untrusted, but allowed me to accept it
anyway.  Is this also possible with smtpmail.el (or I suppose with the
program it uses, gnutls-cli), and if so, how?

Thanks,
Steve Berman

--==-=-=--





--- End Message ---

reply via email to

[Prev in Thread] Current Thread [Next in Thread]