curl-library
Re: Curl using STARTTLS even if mailserver does not support it?
Date: Thu, 21 Feb 2013 07:19:23 +0100
Hi Steve,
> Curl currently sends the STARTTLS command regardless of whether the server
> supports it or not.
Ok, that explains one part of the problem.
>> From the log you supplied it looks like the username and password wasn't
> supplied, so curl treated the connection as anonymous, continued with the
> MAIL FROM command and then failed as it couldn't receive a response to that
> command.
Yes, it was some anonymous usage of a internal relay smtp server.
> Does this happen all the time and if so are you able to debug it?
It happens all the time. I think I found the problem. It was some wrong configured Exchange 2003 server who directly stops the connection after the error 554.
CURL: 554 5.7.3 Unable to initialize security subsystem
Sadly, most other servers simply doing some 502 or 503, but this one was missconfigured. The security subsystem was not working and this caused him to break. Doing some google on "5.7.3 Unable to initialize security subsystem" found the problem.
I dont know if libcurl should be able to handle it. Anyway, if the server does not announce STARTTLS, it should not get used. I'll have to develop some workaround in our software to let people decide if they like to use some insecure connection in such case.
Best,
Volker
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-02-21