Closed Bug 258540 Opened 20 years ago Closed 17 years ago

SMTP server security config dialog VERY confused, misleading

Categories

(SeaMonkey :: MailNews: Account Configuration, defect)

Product:
SeaMonkey
Component:
MailNews: Account Configuration
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 185662

People

(Reporter: nelson, Unassigned)

Details

This problem seems to exist in mozilla and ff.

Ralph Fox wrote:

> and when I go to
> 
>     Edit -> Mail & Newsgroup Account Settings -> Outgoing server (SMTP)
> 
> I see these settings
> 
>     Port:  [   25    ]   Default 25

>     Use secure connection
>     (•) No   ( ) TLS, if available   ( ) TLS   ( ) SSL

That UI is confused, and confusing.  TLS and SSL are more-or-less the same
thing.  TLS is SSL 3.1.   Better labels for those 4 selections might be:
      ( ) No SSL/TLS
      ( ) TLS/SSL on server port 25, only if supported by the server
      ( ) TLS/SSL on server port 25, required (fail if not available)
      ( ) TLS/SSL on server port 465, required

The Help page for that dialog says:

 > # Use secure connection: If your outgoing server is configured to
 >   support an encrypted connection, choose one of the following (if you
 >   make a choice for which your server is not configured, you will get
 >   an error message when sending mail):
 >
 >     * No: If you don't want to use an encrypted link.
 >     * TLS, if available: Mozilla will try to use a TLS encrypted connection.
 >       If the server doesn't support it, an unencrypted connection is used.
 >     * TLS: Require a TLS encrypted connection. This mechanism will mostly
 >       run on the standard SMTP port 25.
 >     * SSL: Require a SSL encrypted connection. The default port for this
 >       is 465.

That documentation is correct about the port numbers, and about the
aspects of it being required or optional.  However, its attempt to use 
the names SSL and TLS to distinguish among ports is incorrect.
Dupe of Bug 220818?
Component: Networking: SMTP → Account Manager
OS: Windows 2000 → All
Hardware: PC → All
Version: 1.7 Branch → Trunk
Nah, this is not a dup.  
I'm not proposing any change to program behavior, nor radical new UI.
I'm not even proposing different sets of things to choose in the UI.
The 4 existing choices are fine.  The only problem is, the labels on 
the 4 choices don't accurately describe them.  

There's no way for an intelligent person to figure out that 
( ) TLS   means port 25 but
( ) SSL   means port 465 
because those TLAs' meanings have nothing to do with those port numbers.

I'm just asking for labels on those 4 choices that accurately describe
each of them, so that someone can choose one and have a reasonable 
expectation that what he has chosen is what he thinks he has chosen.

The effort required here is little/nothing more than for correcting a 
localization error.  It's just getting the labels to say the right things.
Yes, I know what SSL and TLS are. And I think most naming aspects have already
been  discussed in bug 135357.

One problem of a extensive labeling is the room it's needed for this (see
http://www.eyrich-net.org/mozilla/pref_panels.html).

I chose the words SSL and TLS because I think most mail provider will advice
their users to either use SSL or not. So having the two options "No" and "SSL"
should make it easy for users to follow that advice.
If the provider wants the users to use STARTTLS (which is the real and correct
name for the TLS option) it should be pretty simple for an user to figure out
that Mozillas option "TLS" is what to use.

As you can see in the examples above I prefer "STARTTLS" and "SMTP over SSL" but
in discussions people said that's to technical.

> ( ) No SSL/TLS
> ( ) TLS/SSL on server port 25, only if supported by the server
> ( ) TLS/SSL on server port 25, required (fail if not available)
> ( ) TLS/SSL on server port 465, required

I don't think it's to bad that the port currently isn't in the label. IMHO the
port isn't something the user has to bother with. If one wants to find out what
the default is or wants to change the port used, the UI offers the possibility
to do so.
Also I don't think users ask themselves "what happens if I chose SSL and the
server doesn't offer it". If they do so or wonder what the difference between
"TLS, if available" and "TLS" is, the help file should help here.

> There's no way for an intelligent person to figure out that 
> ( ) TLS   means port 25 but
> ( ) SSL   means port 465
> because those TLAs' meanings have nothing to do with those port numbers.

They aren't bound to those ports but are the defaults. The user is free to
change them.


As I wrote above I don't want to defend the current UI or say the help is as it
should be (I had an extensive discussion with Seth about the help text and the
current is what came out).
But please see that we have limited space and I don't want to change the current
incorrect wording with another incorrect.
Product: Browser → Seamonkey
Assignee: sspitzer → mail
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.