dkopen / denyhosts

Unofficial DenyHosts Git repository to host changes for Python 3 compatibility and SourceForge issue #2127086
http://denyhosts.sourceforge.net/
GNU General Public License v2.0
1 stars 0 forks source link

DenyHosts SMTP should support TLS as required by some SMTP servers #2

Open dk-dkopen opened 9 years ago

dk-dkopen commented 9 years ago

(creating ticket after the fact, to document problem and solution)

As I was trying to set up DenyHosts with email notifications via Amazon AWS SES, I found that SES refuses to accept emails unless SMTP connection is secured with TLS or SSL. Other modern public and private SMTP servers would have the same requirement - i.a.

Initially I encountered messy workarounds such as stunnel - which are rather cumbersome and inelegant, as they entail a whole lot more setting up - e.g.

Then, I discovered that such a request and a patch indeed exists in the official project -

I used https://github.com/mruffalo/denyhosts as a fork basis ( it's good as it contains mostly historical releases + cleanups ) Patch applied - branching from v2.6 for compatibility. Ref commit https://github.com/dkopen/denyhosts/commit/7f8fd3d1b99f64524e379d38b72fd0de9355552b PR'd back to https://github.com/mruffalo/denyhosts - PR https://github.com/mruffalo/denyhosts/pull/3

This has been tested in action against Amazon AWS SES and it works.

Cc @mruffalo

dk-dkopen commented 9 years ago

@mruffalo spotted a typo - there was a reference to self - s.b. smtp - fixing

-            (code, resp) = self.helo()
+            (code, resp) = smtp.helo()