[RFC] Add extra ehlo() and starttls() for gmail smtp
Jelmer Vernooij
jelmer at vernstok.nl
Wed Sep 5 18:59:55 BST 2007
On Wednesday, 05.09.2007, at 13:01 -0400, Aaron Bentley wrote:
> Harald Meland wrote:
> > [Keir Mierle]
> > An SMTP client shouldn't try to do STARTTLS until after EHLO has
> > succeeded (and indicated that STARTTLS indeed is among the extensions
> > that the server supports). The client should also fall back to HELO
> > if EHLO fails, and verify whether HELO fails.
>
> This looks like a nice improvement. There's just one thing I wonder about:
>
> > + (code, message) = self._connection.starttls()
> > + if (200 <= code <= 299):
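Review bot: The `if (200 <= code <= 299):` test has no visible branch for a reply outside that range, so in the quoted lines a refused STARTTLS leaves the session in plaintext with no signal to the user; raise an error there, or at the very least emit a warning, and make the choice explicit rather than implicit. The range is also wider than it needs to be: the success reply defined for STARTTLS is 220, so `if code == 220:` is the tighter check.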
>
> This seems to mean that if starttls fails, we'll use unencrypted SMTP.
> I'm not sure whether we should fail in this situation, give a warning,
> or silently continue. It seems like if people expect their privacy to
> be protected and it's not, that's a violation of trust. But OTOH, I
> don't know whether people would expect privacy here.
I would at the very least expect a warning. For example, when I'm
sending a company-private changeset over public wifi, I definitely
wouldn't want bzr to be falling back to non-SSL unexpectedly.
Cheers,
Jelmer
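
The negotiation order and the failure policy discussed in this thread, as an added example that is not part of the original message or of bzr's code. The names `negotiate`, `require_tls`, `TLSUnavailable` and `FakeConn` are hypothetical, and `FakeConn` is a constructed stand-in for `smtplib.SMTP` so the block runs offline.

```python
import smtplib
import warnings

class TLSUnavailable(Exception):
    """The session could not be upgraded and policy requires TLS."""

def negotiate(conn, require_tls=True):
    """EHLO (HELO fallback), then STARTTLS. Returns True if encrypted.

    conn: smtplib.SMTP-like object with ehlo(), helo(), has_extn(), starttls().
    require_tls: hypothetical policy switch, fail closed by default.
    """
    code, msg = conn.ehlo()
    if not 200 <= code <= 299:
        code, msg = conn.helo()          # server without ESMTP support
        if not 200 <= code <= 299:
            raise smtplib.SMTPHeloError(code, msg)
    if conn.has_extn("starttls"):
        code, msg = conn.starttls()
        if code == 220:                  # RFC 3207 "ready to start TLS"
            conn.ehlo()                  # discard pre-TLS capabilities, ask again
            return True
        reason = "STARTTLS refused with reply %d" % code
    else:
        reason = "server did not advertise STARTTLS"
    if require_tls:
        raise TLSUnavailable(reason)     # never downgrade silently
    warnings.warn(reason + "; continuing without encryption")
    return False

class FakeConn:
    """Constructed stand-in for smtplib.SMTP so the example runs offline."""
    def __init__(self, extensions, starttls_code=220):
        self.extensions, self.starttls_code = extensions, starttls_code
        self.ehlo_calls = 0
    def ehlo(self):
        self.ehlo_calls += 1
        return 250, b"ok"
    def helo(self):
        return 250, b"ok"
    def has_extn(self, name):
        return name.lower() in self.extensions
    def starttls(self):
        return self.starttls_code, b"constructed reply"
```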