Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.sys.raspberry-pi > #9450 > unrolled thread

Re: Why can't RPi email?

Started byUnknown <dog@gmail.com>
First post2015-08-19 03:55 +0000
Last post2015-08-19 13:38 +0000
Articles 2 — 2 participants

Back to article view | Back to comp.sys.raspberry-pi

This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by below is the oldest one visible, not the original post.


Contents

  Re: Why can't RPi email? Unknown <dog@gmail.com> - 2015-08-19 03:55 +0000
    Re: Why can't RPi email? Joe Beanfish <joebeanfish@nospam.duh> - 2015-08-19 13:38 +0000

#9450 — Re: Why can't RPi email?

FromUnknown <dog@gmail.com>
Date2015-08-19 03:55 +0000
SubjectRe: Why can't RPi email?
Message-ID<pan.2015.08.19.03.59.07@gmail.com>
On Fri, 31 Jul 2015 19:25:12 +0000, Martin Gregorie wrote:

> On Fri, 31 Jul 2015 17:06:22 +0000, Frank Miles wrote:
> 
>> This is on a new RPi-2 with a Edimax (realtek) wifi device. Raspbian
>> with all updates.
>>
> When was your last update?
>  
>> The one possible questionable message is in /var/log/mail.info, it has
>> lines indicating that SSL connection is attempting to use
>> RSA_ARCFOUR_SHA1.  Is that what it should be using?
>>
> A number of SSL encryption standards have recently been deprecated
> recently because they're fundamentally broken and, as a result, are
> being removed. This is why you may have also seen HTTPS connection
> refusals if you're using the latest Firefox version: its the same thing.
> 
> If you, as the client end (still using a deprecated cypher), try to open
> an encrypted connection to a server that no longer supports that cypher,
> then you'll get the connection request refused with that type of
> rejection.
> 
> Unless you're an SSL maven about all you can do is update your RPi and,
> if the problem is still there, raise a bug with the the RPi sendmail
> maintainers.
> 
> The same thing can also bite you the other way round: I had a problem
> last week when Firefox 39.0, which no longer supports the deprecated
> cypher, got its https connection refused by a government server[1] which
> *only* supported the deprecated cypher. I fired up an old version of
> Opera (12.16), guessing that used the deprecated cypher. It did, and I
> was able to use it to do the job. I also raised a bug with the server
> admins, who are on the case and seemed happy to get the heads-up, but
> are taking their time to get the change made (probably due to the
> bureaucratic faff that impacts any changes made to a government or
> banking server).
> 
> [1] a helpful bunch of sysadmins, so no names, no pack drill except
>     to say it isn't a UK Government server

The original RFCs for eg. email were nice and simple.
Then they introduced <sender authenticate> which wasn't a problem to
extend the code to handle. But this SSL?TLS is a whole extra dark-layer
and I can't find out how to test it decoupled/separate from the old
familiar code.

We DIY enthusiasts are getting squeezed out, by big commercial interests.
Everything seems to be going httpS !

[toc] | [next] | [standalone]


#9452

FromJoe Beanfish <joebeanfish@nospam.duh>
Date2015-08-19 13:38 +0000
Message-ID<mr20rq$ieu$2@dont-email.me>
In reply to#9450
On Wed, 19 Aug 2015 03:55:09 +0000, Unknown wrote:
> The original RFCs for eg. email were nice and simple.
> Then they introduced <sender authenticate> which wasn't a problem to
> extend the code to handle. But this SSL?TLS is a whole extra dark-layer
> and I can't find out how to test it decoupled/separate from the old
> familiar code.
> 
> We DIY enthusiasts are getting squeezed out, by big commercial
> interests.
> Everything seems to be going httpS !

Nope, not commercial interests, criminals. Just like in real life
the more criminals there are the more security is needed. More
security generally involves more inconvenience and expense for
the defenders. It's a never ending escalation on both sides which
makes it hard for the DIY to keep up.

[toc] | [prev] | [standalone]


Back to top | Article view | comp.sys.raspberry-pi


csiph-web