search

jetmore / swaks

Swaks - Swiss Army Knife for SMTP
http://jetmore.org/john/code/swaks/
GNU General Public License v2.0
848 stars 86 forks source link

Will SWAKS use TLS when server offers plain authentication? #15

Closed RevealedFrom closed 4 years ago

RevealedFrom commented 4 years ago

AWS offers AUTH PLAIN LOGIN, but insists on TLS. In the following what does <** 530 mean? Is it a 530 rseponse or a comment?

=== Trying email-smtp.us-west-2.amazonaws.com:25...
=== Connected to email-smtp.us-west-2.amazonaws.com.
<-  220 email-smtp.amazonaws.com ESMTP SimpleEmailService-d-UCMGFU8F2 l8rfaVjiaG1V7Lvw7tuo
 -> EHLO STRAUSS
<-  250-email-smtp.amazonaws.com
<-  250-8BITMIME
<-  250-SIZE 10485760
<-  250-STARTTLS
<-  250-AUTH PLAIN LOGIN
<-  250 Ok
 -> AUTH LOGIN
<** 530 Must issue a STARTTLS command first
 -> AUTH PLAIN 
****credentials removed***********
<** 530 Must issue a STARTTLS command first
*** No authentication type succeeded
 -> QUIT
<-  221 Bye
=== Connection closed with remote host.

If it is a Http response, should SWAKS then try TLS?

jetmore commented 4 years ago

If you want swaks to perform tls, try using one of --tls or --tls-optional options.

jetmore commented 4 years ago

And in answer to your first question, 530 Must issue a STARTTLS command first is an error returned by the server. Swaks errors that aren't from the server are marked with ***. The < indicates that it's from the server and ** indicates an error