Clarification about forced TLS connections with remote mailboxes and smt

help-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clarification about forced TLS connections with remote mailboxes and smt

From:	BP25
Subject:	Clarification about forced TLS connections with remote mailboxes and smtp
Date:	Tue, 23 Apr 2024 16:57:19 +0100

Hello,

I have a few questions. Is there a kind soul who would clarify a few
things for me please?

1. I use Rmail to fetch my messages from remote mailboxes. Do you know
if using the url starting with pops:// or imaps:// always forces the
connection to be encrypted via TLS over SSL?

1a. Then what happens when only the Emacs movemail is available? I think
that no encrypted connection is supported for the POP protocol then.

1b. Suppose we're using instead the Mailutils movemail: does the --tls
flag only affect connections with URL starting by pop:// or imap://, and
doesn't affect connections whose URL starts by pops:// or imaps://?

2. I read on the movemail manual ``The deprecated POP3S protocol is also
supported. It is enabled by an URL beginning with pops:// instead of
pop://'' but I read on the Emacs manual ``If using Mailutils movemail,
you may wish to use ‘pops’ in place of ‘pop’.'' therefore I'm confused
on whether this syntax is obsolete or recommended!

I use Message and I send emails by using smtpmail-send-it. I also set
variables smtpmail-smtp-service 465 and smtpmail-stream-type 'ssl.

3a. Does setting either one of these last two varibales already force
the connection to happen via TLS over SSL?

3b. If neither of the two variables is set but the SMTP server I use
says that:

--8<---------------cut here---------------start------------->8---
 ``If your mail client does not support secure SMTP, you cannot use our
server as your SMTP. You might have the option of choosing either TLS or
SSL for the secure connection. Both protocols work, but most ISPs will
block port 25 (used by TLS), so we recommend that you choose SSL'' and
later adds that ``For security reasons, we no longer support SSL.''
--8<---------------cut here---------------end--------------->8---

then does it mean that I cannot have accidentally exposed my login
details or other information by initiating a nonencrypted connection?

3c. Do you agree that the quoted information from my SMTP server above
is confusing?

[Prev in Thread]

Current Thread

[Next in Thread]

Clarification about forced TLS connections with remote mailboxes and smtp, BP25 <=
- Re: Clarification about forced TLS connections with remote mailboxes and smtp, BP25, 2024/04/23
  - Re: Clarification about forced TLS connections with remote mailboxes and smtp, Stefan Monnier, 2024/04/23
  - Re: Clarification about forced TLS connections with remote mailboxes and smtp, Eli Zaretskii, 2024/04/24
- Re: Clarification about forced TLS connections with remote mailboxes and smtp, Eli Zaretskii, 2024/04/24

Prev by Date: Re: etags to xref changed navigation
Next by Date: Re: Clarification about forced TLS connections with remote mailboxes and smtp
Previous by thread: C-u j in Rmail jumps to message number 4
Next by thread: Re: Clarification about forced TLS connections with remote mailboxes and smtp
Index(es):
- Date
- Thread