socket type plain seems to not working

Question

socket type plain seems to not working

Closed this issue 3 years ago · 11 comments

Hello,
I am trying to add my own imap service to your app by adding a provider in lib/services/providers.dart

all work good if i call my provider with a socketType: ssl in production
But if i try to use it with a socketType plain for my local test, the code seems to force the ssl connection (upradeToSslSocket() from enoug_mail dependency) and i dont want to buy a certificate just for testing ^^
Can you help me on how to authorize a socketType: plain without a ssl certificate
?
Here my providers :

class NewTestProvider extends Provider {
  NewTestProvider ()
      : super(
            'newTest',
            'ipOfImapService',
            ClientConfig()
              ..emailProviders = [
                ConfigEmailProvider(
                  displayName: ' NewTestMail',
                  displayShortName: ' NewTest',
                  incomingServers: [
                    ServerConfig(
                      type: ServerType.imap,
                      hostname: 'ipOfImapService',
                      port: 143,
                      socketType: SocketType.plain,
                      authentication: Authentication.passwordCleartext,
                      usernameType: UsernameType.emailAddress,
                    )
                  ],
                  outgoingServers: [
                    ServerConfig(
                      type: ServerType.smtp,
                      hostname: 'ipOfImapService',
                      port: 25,
                      socketType: SocketType.plain,
                      authentication: Authentication.passwordCleartext,
                      usernameType: UsernameType.emailAddress,
                    )
                  ],
                )
              ],
            domains: ['test.local', 'easycrypt.io']);
}

Answer 1 · 2021-09-27T09:23:15.000Z

You are right, this was a problem in the highlevel enough_mail API, compare Enough-Software/enough_mail#172

Running flutter pub upgrade should fix that problem.

Answer 2 · 2021-09-27T11:53:20.000Z

Work like a charm thank dude

Answer 3 · 2021-09-27T11:56:22.000Z

Sorry but i got the same problem with the outgoingServer !

Answer 4 · 2021-09-27T12:18:38.000Z

Can you paste the output of your SMTP service when sending it EHLO? It seems that your service lists STARTTLS as it's capabilities.

On the commandline you can check the output like this:

> telnet smtp.domain.com 587
smtp server XXX ready...
> EHLO enough
250-domain.com Hello enough
250-8BITMIME
250-AUTH LOGIN PLAIN
250-SIZE 140000000
250 STARTTLS
> QUIT

Answer 5 · 2021-09-27T12:50:53.000Z

Here is my output :

I/flutter ( 9675): SMTP-null C: EHLO enough.de
I/flutter ( 9675): SMTP-null S: 250-easycrypt.io your name is not enough.de
I/flutter ( 9675): SMTP-null S: 250-DSN
I/flutter ( 9675): SMTP-null S: 250-SIZE
I/flutter ( 9675): SMTP-null S: 250-STARTTLS
I/flutter ( 9675): SMTP-null S: 250-ETRN
I/flutter ( 9675): SMTP-null S: 250-TURN
I/flutter ( 9675): SMTP-null S: 250-ATRN
I/flutter ( 9675): SMTP-null S: 250-NO-SOLICITING
I/flutter ( 9675): SMTP-null S: 250-HELP
I/flutter ( 9675): SMTP-null S: 250-PIPELINING
I/flutter ( 9675): SMTP-null S: 250-SMTPUTF8
I/flutter ( 9675): SMTP-null S: 250 EHLO
I/flutter ( 9675): SMTP-null C: STARTTLS
I/flutter ( 9675): SMTP-null S: 220 please start a TLS connection
I/flutter ( 9675): SMTP-null A: STARTTL: upgrading socket to secure one...

Answer 6 · 2021-09-27T12:53:06.000Z

Ok, your SMTP service indeed advertises support for STARTTLS, compare the output line

I/flutter ( 9675): SMTP-null C: STARTTLS

So in your case you would need to configure your SMTP service not to support STARTTLS.

Answer 7 · 2021-09-27T13:29:41.000Z

Ok but i tell the socketType to be plain and i dont want my service to unsupport starttls

here is my service log for steps :

12:56:52.809 5 SMTPI-000004([172.18.0.1]:57378) inp: EHLO enough.de
12:56:52.811 5 SMTPI-000004([172.18.0.1]) out: 250-easycrypt.io your name is not enough.de\r\n250-DSN\r\n250-SIZE\r\n250-STARTTLS\r\n250-AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5 GSSAPI MSN NTLM\r\n250-ETRN\r\n250-TURN\r\n250-ATRN\r\n250-NO-SOLICITING\r\n250-HELP\r\n250-PIPELINING\r\n250-SMTPUTF8\r\n250 EHLO\r\n
12:56:52.837 5 SMTPI-000004([172.18.0.1]) inp: STARTTLS
12:56:52.838 5 SMTPI-000004([172.18.0.1]) out: 220 please start a TLS connection\r\n

Answer 8 · 2021-09-27T14:26:05.000Z

You are right of course, but on the other hand it would be really stupid not to switch to TLS when the server supports it.

There is a tension between the real world, where security should be top priority and the development world, where you might prefer unsecured connections. I've seen servers that claim to use PLAIN connections even though they support STARTTLS. If enough_mail would not upgrade to TLS in such a case it would be a severe security breach.

In your case I believe the most simple solution is to reconfigure your development SMTP service...

Answer 9 · 2021-09-27T14:36:31.000Z

Yes i understand what you are saying !
Sorry for insist but it may be more difficult for me to just reconfigure the smtp service since it is on a serverSide where the backoffice dont give me that possibility !
So what do you think about possibility to make a new socketType called unsecure or just o boolean in the provider object like isSecure by default set to true but if set to false it can pass the request without starttls

Answer 10 · 2021-09-27T19:26:47.000Z

ok, I can see that. I have added the option SocketType.plainNoStartTls that you can now use after running flutter pub upgrade again. With that MailClient will never try to use STARTTLS even when the server advertises support for it.

Answer 11 · 2021-09-27T19:35:06.000Z

thanks man you are rock ! All working fine