search

voodoodyne / subethasmtp

SubEtha SMTP is a Java library for receiving SMTP mail
Other
352 stars 139 forks source link

feature request: allow turning TLS off #29

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
There is already a property that allows for setting requireTLS=false. 
There is also a property for displayTLS={true|false}.
Some people, even if using TLS, want to suppress advertising that fact, and
displayTLS=false will do that.  But if the client sends STARTTLS,
subethasmtp will switch to TLS.  
Other people do not wish to use TLS (e.g. internal use and wanting to avoid
configuring TLS/SSL, certificate, etc.).  
Setting both these properties:
requireTLS=false and displayTLS=false 
...allows them to use subethasmtp without configuring TLS.
However, if the client sends a STARTTLS, subethasmtp attempts to switch to
TLS regardless of the value of requireTLS, and an exception results if TLS
has not been configured.

I've modified subethasmtp to support a third property:  allowTLS.
When set to false, this property results in subethasmtp returning a 454
response to the STARTTLS command, thereby avoiding the exception when TLS
is not configured.

I'd like to propose this change as an enhancement for subethasmtp.

Original issue reported on code.google.com by FrankWBr...@gmail.com on 12 Mar 2010 at 5:48

GoogleCodeExporter commented 9 years ago 
Seems reasonable - want to submit a patch?

Original comment by lhori...@gmail.com on 7 Apr 2010 at 9:15

GoogleCodeExporter commented 9 years ago 
Attached is a patch file.

I debated over the name for the new flag, and settled on disableTLS for the 
following
reasons:
1. no conflict with prior versions.
2. both hideTLS and requireTLS have default value of false; it is consistent 
   that disableTLS also has a default value of false.
3. this allows the user to set only one of these flags to true for behavior 
   other than the default:
* default: TLS is supported and announced, but not required.
* disableTLS=true: TLS is not supported; so not announced by implication.
* hideTLS=true: TLS is not announced; it is supported but not required.
* requireTLS=true: TLS is required; so obviously can't be disabled and 
  pointless not to announce it.

That's my reasoning anyway.  I hope others will find it useful.

Original comment by FrankWBr...@gmail.com on 10 Apr 2010 at 2:01

Attachments:

GoogleCodeExporter commented 9 years ago 
Looks great. I'll apply this patch.

Original comment by latch...@gmail.com on 10 Apr 2010 at 2:19

GoogleCodeExporter commented 9 years ago 
This issue was closed by revision r374.

Original comment by latch...@gmail.com on 10 Apr 2010 at 2:40