cygwin /usr/bin/email
René Berber
rene.berber@gmail.com
Thu Jan 2 21:14:11 GMT 2025
On 1/2/2025 9:48 AM, Paul McKinley via Cygwin wrote:
> Hi, René, thanks so much for your help!
>
> The command reports version 1.3, nothing else. Would it have listed
> additional versions, possibly in different paragraphs if supported?
Openssl? It reports the higher version accepted. The openssl command
also allows you to limit the version, so you could check if 1.2 is
accepted (or like in MS Windows is deprecated.)
> I use current version of Mozilla Thunderbird for an email client, no
> issues with smtp sending there and connecting to the same email server
> so I know that side's working, but it's using the Thunderbird ssl stack,
> not openssl from cygwin.
>
> Is TLS 1.3 not supported in cygwin email yet?
I don't know, I don't have it in my mail server, so haven't tested.
> The error I get is the timeout while trying to read from SMTP server so
> it seems something's going wrong in the handshake sequence.
Yes, it looks like it.
> Greeting the SMTP server...
> email: FATAL: Smtp error: Timeout(10) while trying to read from SMTP server
>
> <snip>
>
> ---
> SSL handshake has read 3669 bytes and written 455 bytes
> Verification: OK
> ---
> New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
> Server public key is 2048 bit
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> Early data was not sent
> Verify return code: 0 (ok)
> ---
>
> On port 465 it connects but doesn't do STARTTLS.
>
> CONNECTED(00000005)
> Didn't find STARTTLS in server response, trying anyway...
> 100000000A000000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof
> while reading:ssl/record/rec_layer_s3.c:322:
> ---
> no peer certificate available
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 0 bytes and written 382 bytes
> Verification: OK
> ---
> New, (NONE), Cipher is (NONE)
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> Early data was not sent
> Verify return code: 0 (ok)
After I enabled the option on the server I did get one successful test,
then a failure. Don't know what went wrong. But if openssl doesn't
work, anything that uses it, like eMail, won't work.
With eMail it just doesn't work.
BTW I didn't mention that in order to get out of openssl you can use
Ctrl-d (the connection is live, you could send and receive anything
after the "250 DSN"... we usually simulated the mail protocol by hand).
--
R.B.
More information about the Cygwin
mailing list