socket type plain seems to not working
Closed this issue · 11 comments
Hello,
I am trying to add my own imap service to your app by adding a provider in lib/services/providers.dart
all work good if i call my provider with a socketType: ssl
in production
But if i try to use it with a socketType plain
for my local test, the code seems to force the ssl connection (upradeToSslSocket() from enoug_mail dependency) and i dont want to buy a certificate just for testing ^^
Can you help me on how to authorize a socketType: plain
without a ssl certificate
?
Here my providers :
class NewTestProvider extends Provider {
NewTestProvider ()
: super(
'newTest',
'ipOfImapService',
ClientConfig()
..emailProviders = [
ConfigEmailProvider(
displayName: ' NewTestMail',
displayShortName: ' NewTest',
incomingServers: [
ServerConfig(
type: ServerType.imap,
hostname: 'ipOfImapService',
port: 143,
socketType: SocketType.plain,
authentication: Authentication.passwordCleartext,
usernameType: UsernameType.emailAddress,
)
],
outgoingServers: [
ServerConfig(
type: ServerType.smtp,
hostname: 'ipOfImapService',
port: 25,
socketType: SocketType.plain,
authentication: Authentication.passwordCleartext,
usernameType: UsernameType.emailAddress,
)
],
)
],
domains: ['test.local', 'easycrypt.io']);
}
You are right, this was a problem in the highlevel enough_mail API, compare Enough-Software/enough_mail#172
Running flutter pub upgrade
should fix that problem.
Work like a charm thank dude
Sorry but i got the same problem with the outgoingServer !
Can you paste the output of your SMTP service when sending it EHLO
? It seems that your service lists STARTTLS as it's capabilities.
On the commandline you can check the output like this:
> telnet smtp.domain.com 587
smtp server XXX ready...
> EHLO enough
250-domain.com Hello enough
250-8BITMIME
250-AUTH LOGIN PLAIN
250-SIZE 140000000
250 STARTTLS
> QUIT
Here is my output :
I/flutter ( 9675): SMTP-null C: EHLO enough.de
I/flutter ( 9675): SMTP-null S: 250-easycrypt.io your name is not enough.de
I/flutter ( 9675): SMTP-null S: 250-DSN
I/flutter ( 9675): SMTP-null S: 250-SIZE
I/flutter ( 9675): SMTP-null S: 250-STARTTLS
I/flutter ( 9675): SMTP-null S: 250-ETRN
I/flutter ( 9675): SMTP-null S: 250-TURN
I/flutter ( 9675): SMTP-null S: 250-ATRN
I/flutter ( 9675): SMTP-null S: 250-NO-SOLICITING
I/flutter ( 9675): SMTP-null S: 250-HELP
I/flutter ( 9675): SMTP-null S: 250-PIPELINING
I/flutter ( 9675): SMTP-null S: 250-SMTPUTF8
I/flutter ( 9675): SMTP-null S: 250 EHLO
I/flutter ( 9675): SMTP-null C: STARTTLS
I/flutter ( 9675): SMTP-null S: 220 please start a TLS connection
I/flutter ( 9675): SMTP-null A: STARTTL: upgrading socket to secure one...
Ok, your SMTP service indeed advertises support for STARTTLS, compare the output line
I/flutter ( 9675): SMTP-null C: STARTTLS
So in your case you would need to configure your SMTP service not to support STARTTLS.
Ok but i tell the socketType to be plain and i dont want my service to unsupport starttls
here is my service log for steps :
12:56:52.809 5 SMTPI-000004([172.18.0.1]:57378) inp: EHLO enough.de
12:56:52.811 5 SMTPI-000004([172.18.0.1]) out: 250-easycrypt.io your name is not enough.de\r\n250-DSN\r\n250-SIZE\r\n250-STARTTLS\r\n250-AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5 GSSAPI MSN NTLM\r\n250-ETRN\r\n250-TURN\r\n250-ATRN\r\n250-NO-SOLICITING\r\n250-HELP\r\n250-PIPELINING\r\n250-SMTPUTF8\r\n250 EHLO\r\n
12:56:52.837 5 SMTPI-000004([172.18.0.1]) inp: STARTTLS
12:56:52.838 5 SMTPI-000004([172.18.0.1]) out: 220 please start a TLS connection\r\n
You are right of course, but on the other hand it would be really stupid not to switch to TLS when the server supports it.
There is a tension between the real world, where security should be top priority and the development world, where you might prefer unsecured connections. I've seen servers that claim to use PLAIN connections even though they support STARTTLS. If enough_mail would not upgrade to TLS in such a case it would be a severe security breach.
In your case I believe the most simple solution is to reconfigure your development SMTP service...
Yes i understand what you are saying !
Sorry for insist but it may be more difficult for me to just reconfigure the smtp service since it is on a serverSide where the backoffice dont give me that possibility !
So what do you think about possibility to make a new socketType called unsecure or just o boolean in the provider object like isSecure
by default set to true but if set to false it can pass the request without starttls
ok, I can see that. I have added the option SocketType.plainNoStartTls
that you can now use after running flutter pub upgrade
again. With that MailClient
will never try to use STARTTLS
even when the server advertises support for it.
thanks man you are rock ! All working fine