Discussion:
[VM] sending email with ssl to Verizon server
Richard J. Frongillo
2013-10-27 16:45:23 UTC
Permalink
Hello,

I am a long time user of Emacs and VM trying to do something
pretty basic. Verizon is requiring that we move to SSL (actually,
they started the migration long ago, but they seem serious now):

Incoming mail server (POP3): pop.verizon.net
Incoming Server Port Numbers: 995
Outgoing mail server (SMTP): smtp.verizon.net
Outgoing Server Port Numbers: 465

Make sure SSL encryption is enabled for the incoming and outgoing
mail server.

My environment:

Windows 7 Home
GNU Emacs 24.3.1 (i386-mingw-nt6.1.7601) of 2013-03-17 on MARVIN
VM version is: 8.1.2
CYGWIN32/NT MYMACHINE 6.1 17.5 i686
stunnel version 4.56 (from stunnel.org)

I have read many, many articles and documents but have not found the
recipe to make this work. My understanding is that "the easy way" is
to use built in settings within Emacs 24 and VM to make this go, like:

(setq smtpmail-stream-type 'ssl)
(setq smtpmail-smtp-server "smtp.verizon.net")
(setq smtpmail-smtp-service 465)

(setq vm-spool-files (list "pop-ssl:pop.verizon.net:995:pass:MYEMAILADDRESS:MYPASSWORD"))

I could not get this to go. I would get:

POP connection not open POP over ssl

and/or a hang on sending. I then tried to use stunnel but that was
not fruitful.

Is there a document that gives a step-by-step on how to make this
work?

RRRRRRRRiiiiiiiiiiicccccccccccccchhhhhhhhhhhhhhhhh
Uday Reddy
2013-10-27 18:41:14 UTC
Permalink
Post by Richard J. Frongillo
Windows 7 Home
GNU Emacs 24.3.1 (i386-mingw-nt6.1.7601) of 2013-03-17 on MARVIN
VM version is: 8.1.2
CYGWIN32/NT MYMACHINE 6.1 17.5 i686
stunnel version 4.56 (from stunnel.org)
VM 8.1.2 was not made for Emacs 24 and so it won't know about Emacs 24
features. You can get the latest "beta-release" from
http://launchpad.net/vm.

If you want to stick to 8.1.2, you will need to use stunnel. Check the old
posts on stunnel in the gnu.emacs.vm.info archive:

https://groups.google.com/forum/#!searchin/gnu.emacs.vm.info/stunnel

Cheers,
Uday
Richard J. Frongillo
2013-10-27 23:22:39 UTC
Permalink
Thanks for the reply and information.

I am not tied to any particular version.

- I went to Emacs 24 because I saw documentation that said it had
some built-in SSL support.

- I had been using VM 8.1.1 for quite some time and went to 8.1.2
thinking it would be better to get to the latest for trying
this effort.

- I rather not use stunnel if Emacs/VM can do the job, but if
they can't, they can't.

I have now loaded vm-8.2.0b from the launchpad site to which you
pointed. I get different errors when attempting to "get mail" in a VM
summary buffer:

Checking for new mail...
vm-pop-parse-spec-to-list: Variable binding depth exceeds max-specpdl-size

and other errors when sending:

Sending...
gnutls.c: [1] (Emacs) GnuTLS library not found
Opening TLS connection to `smtp.verizon.net'...
Opening TLS connection with `gnutls-cli --insecure -p 465 smtp.verizon.net'...failed
Opening TLS connection with `gnutls-cli --insecure -p 465 smtp.verizon.net --protocols ssl3'...failed
Opening TLS connection with `openssl s_client -connect smtp.verizon.net:465 -no_ssl2 -ign_eof'...done
Opening TLS connection to `smtp.verizon.net'...done
smtpmail-send-command: writing to process: invalid argument, smtpmail

I expect the issues are straightforward. If someone has this working
or can offer pointers, please do.

RRRRRRRRiiiiiiiiiiicccccccccccccchhhhhhhhhhhhhhhhh
Post by Uday Reddy
Post by Richard J. Frongillo
Windows 7 Home
GNU Emacs 24.3.1 (i386-mingw-nt6.1.7601) of 2013-03-17 on MARVIN
VM version is: 8.1.2
CYGWIN32/NT MYMACHINE 6.1 17.5 i686
stunnel version 4.56 (from stunnel.org)
VM 8.1.2 was not made for Emacs 24 and so it won't know about Emacs 24
features. You can get the latest "beta-release" from
http://launchpad.net/vm.
If you want to stick to 8.1.2, you will need to use stunnel. Check the old
https://groups.google.com/forum/#!searchin/gnu.emacs.vm.info/stunnel
Cheers,
Uday
--
Uday Reddy
2013-10-28 09:00:05 UTC
Permalink
Post by Richard J. Frongillo
I have now loaded vm-8.2.0b from the launchpad site to which you
pointed. I get different errors when attempting to "get mail" in a VM
Checking for new mail...
vm-pop-parse-spec-to-list: Variable binding depth exceeds max-specpdl-size
Apparently, there is an outstanding bug report about this.

https://bugs.launchpad.net/vm/+bug/932964

Perhaps some earlier version of VM works. Alan, can you provide any info
about this?
Post by Richard J. Frongillo
Sending...
gnutls.c: [1] (Emacs) GnuTLS library not found
First of all, I can't see why you need GnuTLS for sending mail. I have
never used it for mail sending. Secondly, if you haven't installed GnuTLS
libraries (which is how ssl gets "built into" Emacs 24), then you need
install the libraries. Eli Zaretski has provided his version of this
library and others at:

http://sourceforge.net/projects/ezwinports/files/

This GnuTLS doesn't work perfectly, but it does the job.

Cheers,
Uday
Alan Wehmann
2013-10-28 16:53:32 UTC
Permalink
I am still investigating what I can say that is useful about the error
reported by Richard when checking for new mail.

As for sending email, I had success using gnutls-cli from Cygwin,
together with the smtp package in Emacs 24.2 on a laptop running Windows
XP Home. I am using the win32 version of emacs (version is reported as
"GNU Emacs 24.2.1 (i386-mingw-nt5.1.2600) of 2012-08-28 on MARVIN").
I'll provide more details in a later message.
Post by Uday Reddy
Post by Richard J. Frongillo
I have now loaded vm-8.2.0b from the launchpad site to which you
pointed. I get different errors when attempting to "get mail" in a VM
Checking for new mail...
vm-pop-parse-spec-to-list: Variable binding depth exceeds max-specpdl-size
Apparently, there is an outstanding bug report about this.
https://bugs.launchpad.net/vm/+bug/932964
Perhaps some earlier version of VM works. Alan, can you provide any info
about this?
Post by Richard J. Frongillo
Sending...
gnutls.c: [1] (Emacs) GnuTLS library not found
First of all, I can't see why you need GnuTLS for sending mail. I have
never used it for mail sending. Secondly, if you haven't installed GnuTLS
libraries (which is how ssl gets "built into" Emacs 24), then you need
install the libraries. Eli Zaretski has provided his version of this
http://sourceforge.net/projects/ezwinports/files/
This GnuTLS doesn't work perfectly, but it does the job.
Cheers,
Uday
--
Alan Wehmann
***@gmail.com
Alan Wehmann
2013-10-29 04:14:59 UTC
Permalink
I earlier wrote that I would provide more detail on using gnutls-cli (from cygwin) with Emacs 24.2 on my Windows XP Home laptop.
I now provide more detail.

The following are copied from my customization file:

'(mail-default-reply-to "***@gmail.com" nil (sendmail) "use Gmail")
'(mail-from-style (quote angles))
'(mail-interactive t)
'(mail-self-blind (expand-file-name "~/mail_rmail/XMAIL_sent_mail") nil (sendmail))
'(mail-signature t)
'(mail-signature-file "c:/cygwin/home/.gmail_signature" nil (sendmail) "use Gmail")
'(mail-user-agent (quote vm-user-agent))
'(pop3-stream-type (quote ssl))
'(query-user-mail-address nil)
'(send-mail-function (quote smtpmail-send-it))
'(smtpmail-smtp-server "smtp.googlemail.com" nil nil "use Gmail")
'(smtpmail-smtp-service 465)
'(smtpmail-stream-type (quote ssl))
'(tls-program (quote ("gnutls-cli --x509cafile /usr/ssl/certs/ca-bundle.crt --insecure -p %p %h")))

In this example I am using the smtp server "smtp.googlemail.com" (there is another, "smtp.gmail.com", which uses a different port on the same server).

Info node "(smtpmail) Authentication describes the use of the ~/.authinfo file to do the necessary authentication.

As a test I invoked the following in my Emacs shell buffer (which is using bash from Cygwin to interpret commands):

gnutls-cli --x509cafile /usr/ssl/certs/ca-bundle.crt --insecure -p 465 smtp.verizon.net

This specifies a location for a file with CA certificates. I created the Certificate Authority cert file from the Mozilla cert bundle, using the advice given in

http://www.mail-archive.com/modssl-***@modssl.org/msg16980.html

But I'm still using the --insecure option on the gnutls-cli command, so the checking on the server certificate is not necessary (I should be able to remove that option and thus insist that the server is valid).

After invoking the gnutls-cli command in the shell buffer, there is some output about the certificates and the TLS handshake takes place and the server identifies itself. I can then type "EHLO DELLLAPTOP" and the POP server will give me some status codes. One of these assures me that the authentication done by Emacs will work (this isn't true for the smtp server email.fnal.gov, at the lab where I used to work).

I wasn't interested in doing anything further, so I gave the command "QUIT" to the POP server at this point.

I can initiate writing email with the command "compose-mail", or I can use the methods specified in info node "(vm) Sending Messages".
--
Alan Wehmann
***@gmail.com
Continue reading on narkive:
Loading...