mail icon indicating copy to clipboard operation
mail copied to clipboard
verified publisher icon nextcloud

Connections without authentication

Open makuhama opened this issue 5 years ago • 4 comments

Expected behavior

It should be possible to configure localhost:25 for outbound email - without TLS, without username, without password.

Actual behavior

Whenever I try to specify localhost:25 for outbound email (TLS none, no username, no password) the settings are not accepted. I've already configured DEBUG log output. In horde_smtp.log I see

>> Thu, 21 May 2020 21:51:00 +0000
>> Connection to: smtp://localhost:25
S: 220 xxx.xxxxxx.xx ESMTP Postfix
C: EHLO xx.xxxxxx.xx
S: 250-xxx.xxxxxx.xx
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-VRFY
S: 250-ETRN
S: 250-STARTTLS
S: 250-ENHANCEDSTATUSCODES
S: 250-8BITMIME
S: 250-DSN
S: 250-SMTPUTF8
S: 250 CHUNKING
C: STARTTLS
S: 220 2.0.0 Ready to start TLS
C: QUIT
>> ERROR: Server read/timeout error.

IMHO the mail app should not try to switch to TLS with STARTTLS here.

Mail app

Mail app version: 1.3.5

Mailserver or service: SMTP is served by local Postfix, IMAP and submission (authenticated SMTP with STARTTLS via port 587) are served by local dovecot.

BTW:

I have configured plain text IMAP on localhost:110 and secured IMAP (port 993) an all other interfaces. The email app happily connects to IMAP (localhost:110). But it refuses to use local plain SMTP (localhost:25).) The email app successfully connects to the FQDN of my server to submission (port 587) with STARTTLS.

Server configuration

Operating system: Arch Linux

Web server: Apache 2.4.43

Database: mariadb 10.4.13

PHP version: 7.4.6

Nextcloud Version: 18.0.4

Client configuration

Browser: Firefox 76.0.1

Operating system: Manjaro Linux

makuhama avatar May 21 '20 22:05 makuhama

This app currently only support authentication with password.

This is not a bug. This is a feature request.

ChristophWurst avatar Jun 02 '20 13:06 ChristophWurst

This is somewhat related to https://github.com/nextcloud/mail/issues/3146 in that it will require a new setting for the authentication method.

ChristophWurst avatar Jun 02 '20 13:06 ChristophWurst

How would users be authenticated in the solution proposed in this issue?

I think that it would be better to be able to configure Nextcloud as an XOauth2 provider in Dovecot or other mail server software.

mimi89999 avatar Sep 19 '22 17:09 mimi89999

Base support for XOAUTH2 is there https://github.com/nextcloud/mail/pull/6819. It's just hard to make this generic enough for arbitrary servers.

ChristophWurst avatar Sep 19 '22 18:09 ChristophWurst