Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.java.programmer > #6912
| From | Nigel Wade <nmw-news@ion.le.ac.uk> |
|---|---|
| Newsgroups | comp.lang.java.programmer |
| Subject | Re: JavaMail bug? |
| Date | 2011-08-09 13:31 +0100 |
| Message-ID | <9acnlmF447U1@mid.individual.net> (permalink) |
| References | (6 earlier) <j1771e$smf$1@localhost.localdomain> <99qjntFk6uU1@mid.individual.net> <j19l2v$h45$1@localhost.localdomain> <99sf3vFncoU1@mid.individual.net> <j1pp73$tje$1@localhost.localdomain> |
On 08/08/11 23:50, Martin Gregorie wrote: > On Wed, 03 Aug 2011 09:27:43 +0100, Nigel Wade wrote: > >> Note that it does not include AUTH, so no authentication will be allowed >> and the client should not attempt it. >> > Fair point. > >> This isn't a good idea. It's an open invitation to spammers to verify >> the existence of every recipient in your domain. >> > Except that this server really is private: my firewall blocks all inbound > connection requests and so its only contact with the outside world are > its outbound SMTP connections to my ISP's mail server when it needs to > send mail. Incoming mail is fetched by getmail and passed to the MTA via > the Postfix.sendmail utility. Ok. Fairy snuff. Personally I'd still get rid of it unless you are actively using it. It's somewhat in the realm of "security by obscurity". There's a potential for the vulnerability to be exposed, or for the configuration to migrate somewhere where it is exposed. Imagine your firewall goes down, the mail server stops working and users are clamouring for their email (it's like a drug here, users will get along without any other system, but not the mail server). Panic, Panic. Bypass the broken firewall to get the mail server back online - and now you're exposed. > >> I presume that this is due to the fact that the connect() above failed. >> You have specified authentication by using a user/password, but the >> connection does not allow authentication. When you subsequently use >> tr.send() there is no open session so a default session is created which >> appears to be to localhost. >> > OK, that makes sense. > > Your point about Transport.send() being static would seem to explain the > behaviour I'm seeing, but there's still a heap of anomalies, mainly in > the documentation: > > - Transport.send() says that its not a good idea to inherit the > connection from a Session and doesn't provide a suitable way of setting > the hostname (at least its docs don't mention one or mention the use of > properties, though obviously they are used by it. > > - now go and look at SMTPTransport. Its documentation includes > example code doing as we did, and getting the connection from Session. > I see the documentation showing use of Transport.sendMessage() (an abstract instance method) following a Session.getTransport(). I don't see use of Transport.send(). -- Nigel Wade
Back to comp.lang.java.programmer | Previous | Next — Previous in thread | Next in thread | Find similar
JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-07-23 20:32 +0000
Re: JavaMail bug? Knute Johnson <september@knutejohnson.com> - 2011-07-23 20:54 -0700
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-07-24 09:50 +0000
Re: JavaMail bug? Knute Johnson <september@knutejohnson.com> - 2011-07-24 09:27 -0700
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-07-25 19:36 +0000
Re: JavaMail bug? Knute Johnson <nospam@rabbitbrush.frazmtn.com> - 2011-07-25 23:00 -0700
Re: JavaMail bug? Steve Sobol <sjsobol@JustThe.net> - 2011-07-25 23:18 -0700
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-07-26 17:49 +0000
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-07-26 17:42 +0000
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-07-25 15:40 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-07-25 19:54 +0000
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-07-25 20:11 +0000
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-07-29 21:32 +0000
Re: JavaMail bug? Knute Johnson <september@knutejohnson.com> - 2011-07-29 16:26 -0700
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-08-01 13:20 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-08-01 21:49 +0000
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-08-02 16:34 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-08-02 20:01 +0000
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-08-03 09:27 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-08-08 22:50 +0000
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-08-09 13:31 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-08-09 22:47 +0000
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-08-10 09:34 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-08-10 19:37 +0000
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-08-03 09:38 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-08-16 21:06 +0000
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-08-17 10:29 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-08-17 19:54 +0000
Re: JavaMail bug? Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-08-18 09:34 +0100
Re: JavaMail bug? Martin Gregorie <martin@address-in-sig.invalid> - 2011-08-18 19:50 +0000
Re: JavaMail bug? Andreas Leitgeb <avl@gamma.logic.tuwien.ac.at> - 2011-08-01 12:54 +0000
csiph-web