Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.sys.raspberry-pi > #9450

Re: Why can't RPi email?

From Unknown <dog@gmail.com>
Newsgroups comp.sys.raspberry-pi
Subject Re: Why can't RPi email?
Date 2015-08-19 03:55 +0000
Organization A noiseless patient Spider
Message-ID <pan.2015.08.19.03.59.07@gmail.com> (permalink)
References <mpg9ud$6qg$1@dont-email.me> <mpgi2n$b43$4@dont-email.me>

Show all headers | View raw


On Fri, 31 Jul 2015 19:25:12 +0000, Martin Gregorie wrote:

> On Fri, 31 Jul 2015 17:06:22 +0000, Frank Miles wrote:
> 
>> This is on a new RPi-2 with a Edimax (realtek) wifi device. Raspbian
>> with all updates.
>>
> When was your last update?
>  
>> The one possible questionable message is in /var/log/mail.info, it has
>> lines indicating that SSL connection is attempting to use
>> RSA_ARCFOUR_SHA1.  Is that what it should be using?
>>
> A number of SSL encryption standards have recently been deprecated
> recently because they're fundamentally broken and, as a result, are
> being removed. This is why you may have also seen HTTPS connection
> refusals if you're using the latest Firefox version: its the same thing.
> 
> If you, as the client end (still using a deprecated cypher), try to open
> an encrypted connection to a server that no longer supports that cypher,
> then you'll get the connection request refused with that type of
> rejection.
> 
> Unless you're an SSL maven about all you can do is update your RPi and,
> if the problem is still there, raise a bug with the the RPi sendmail
> maintainers.
> 
> The same thing can also bite you the other way round: I had a problem
> last week when Firefox 39.0, which no longer supports the deprecated
> cypher, got its https connection refused by a government server[1] which
> *only* supported the deprecated cypher. I fired up an old version of
> Opera (12.16), guessing that used the deprecated cypher. It did, and I
> was able to use it to do the job. I also raised a bug with the server
> admins, who are on the case and seemed happy to get the heads-up, but
> are taking their time to get the change made (probably due to the
> bureaucratic faff that impacts any changes made to a government or
> banking server).
> 
> [1] a helpful bunch of sysadmins, so no names, no pack drill except
>     to say it isn't a UK Government server

The original RFCs for eg. email were nice and simple.
Then they introduced <sender authenticate> which wasn't a problem to
extend the code to handle. But this SSL?TLS is a whole extra dark-layer
and I can't find out how to test it decoupled/separate from the old
familiar code.

We DIY enthusiasts are getting squeezed out, by big commercial interests.
Everything seems to be going httpS !

Back to comp.sys.raspberry-pi | Previous | NextNext in thread | Find similar | Unroll thread


Thread

Re: Why can't RPi email? Unknown <dog@gmail.com> - 2015-08-19 03:55 +0000
  Re: Why can't RPi email? Joe Beanfish <joebeanfish@nospam.duh> - 2015-08-19 13:38 +0000

csiph-web