Shop OBEX P1 Docs P2 Docs Learn Events
DEMO: SMTP "SpinMail" — Parallax Forums

DEMO: SMTP "SpinMail"

Beau SchwabeBeau Schwabe Posts: 6,566
edited 2011-09-26 20:05 in Accessories
Spinmail - It's like Sendmail for your Spinneret

Use Port 587 to send E-mail from your Spinneret. All you need to know is you SMTP server information from your internet provider. Similar to setting up a POP E-mail account on your favorite E-mail client.

Some ISP's block the traditional E-mail port 25, this demo allows you to authenticate over port 587 instead. Some articles that I have come across indicate that Port 25 is only to be used for relaying E-mail from Server to Server and port 587 is the accepted Port to use for 'new' E-mail transmissions.

The current demo uses Authentication style "AUTH PLAIN" which does require a password encrypted as base64 which really isn't an encryption, it just makes it a little less human readable.

In a later version I would like to implement CRAM-MD5 which is much more secure. The idea is that you request a one time Key code from the server which is basically a Time stamp with some other server identifying information in base64 format... this Key is only valid during the connection. The key is then hashed with the user name and password and sent back to the server in what's called CRAM-MD5. The Email body can also use the Key to encrypt the data.

Enjoy!

CAUTION: Some friendly advice, coming from personal experience :-) ... if you do a lot of testing and don't send complete or valid TCP commands, the SPI Firewall might decide to kick you out and prevent you from connecting to your the port. Fortunately my router has an SPI Firewall built in and the router actually blocked me, BUT, if your router doesn't have such a feature, your internet service provider likely will, and they may not be so nice as re-establishing your port connection. Eventually the SPI firewall within the router will time out, which probably means it's time for you to have a break anyway. :-)

Comments

  • LtechLtech Posts: 380
    edited 2011-09-20 12:29
    Log of serial

    Attempting to Connect and send E-mail...
    220-smtp.skynet.be ESMTP
    220 Belgacom relay service - authentication required!
    EHLO {relay.skynet.be}
    250-smtp.skynet.be
    250-8BITMIME
    250-SIZE 16777216
    250 STARTTLS
    AUTH PLAIN
    530 #5.7.0 Must issue a STARTTLS command first


    And stop.....
  • Beau SchwabeBeau Schwabe Posts: 6,566
    edited 2011-09-20 13:26
    Ltech,

    Every SMTP provider has slightly different requirements....

    Your server only allows secure transmissions of the entire content.
    This is where I still need to implement MD5 coding to Authenticate TLS
    to a secure channel.

    You can replace the 'AUTH PLAIN" with "STARTTLS" and try to figure out what the server need in response from you to proceed and Authenticate.

    When I have a few evenings I will address this.

    Reference:
    http://en.wikipedia.org/wiki/STARTTLS
    http://tools.ietf.org/html/rfc3207
    http://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_handshake_in_detail
  • stefstef Posts: 173
    edited 2011-09-26 14:07
    HI ltech

    I see you are strougeling with BE provider. Have you already find a sollution??
    I'm also located in Belgium.

    stef
  • Beau SchwabeBeau Schwabe Posts: 6,566
    edited 2011-09-26 20:05
    The MD5 hashing needs to happen first before the TLS authentication... there is code out there, mostly in C and some in Java... that needs to be converted to Spin. I have done some of this, but it has been a slow process. Once MD5 is in place, then CRAM-MD5 can be implemented, and similarly a TLS layer. STA support should be a part of the MD5 as well...

    You could use the standard Port 25, but many IP's block this port as it is really meant for relaying E-mail from server to server but is overly abused. Port 587 is intended for new E-mail submissions with proper authentication.

    Just don't let base64 fool you... it's nothing more than a decoder ring, there really is no level of hard encryption with base64.
Sign In or Register to comment.