Closed
Bug 687457
Opened 13 years ago
Closed 13 years ago
New tiscali.it autoconfig template
Categories
(Webtools :: ISPDB Server, defect)
Webtools
ISPDB Server
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: tdessi, Assigned: BenB)
Details
Attachments
(2 files, 3 obsolete files)
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0.2) Gecko/20100101 Firefox/6.0.2 Build ID: 20110906215100 Steps to reproduce: We just enabled the SSL on imap/pop3/smtp services so we'd like to publish a new template. Please note that the smtp service is still only available from the Tiscali customer network.
Comment 1•13 years ago
|
||
(In reply to Tom from comment #0) > Created attachment 560906 [details] > config-v1.1.xml > > User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0.2) Gecko/20100101 > Firefox/6.0.2 > Build ID: 20110906215100 > > Steps to reproduce: > > We just enabled the SSL on imap/pop3/smtp services so we'd like to publish a > new template. Please note that the smtp service is still only available from > the Tiscali customer network. If you host the file, the histed file will superseed the file hosted by mozilla. Hosting the file will make your next update easier too (see https://developer.mozilla.org/en/Thunderbird/Autoconfiguration#Configuration_server_at_ISP for documentation). Tom would tiscali host the file ?
Updated•13 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
I know, we are taking care of the autoconfig HTTP server, but it's not yet in place. In the meantime could you please update the tiscali.it template on ispdb? thanks T.
Updated•13 years ago
|
Attachment #560906 -
Flags: review?(ben.bucksch)
Assignee | ||
Comment 3•13 years ago
|
||
> We just enabled the SSL on imap/pop3/smtp services Thank you! Review, comparing to the existing tiscali.it file: - Keep the XML header - Why the change from EMAILLOCALPART to EMAILADDRESS? That's not what this bug is about. - You remove the encrypted passwords. Don't. They are still supported, and preferred even when over SSL, in case of server hacks etc. I notice the old config was broken! It had normal SSL on IMAP port 143. This can't work, and doesn't. Worse, we tell the user that his password is wrong! Gah. :-((( The IMAP server doesn't respond to my 1 CAPABILITY command, but maybe that's the line endings. Tom, can you confirm? For all of IMAP, POP3, SMTP: - SSL (with port 993, 995 and 465, respectively) - username is the part before the @ of the email address, e.g. "fred" for fred@tiscali.it - encrypted passwords via CRAM-MD5 are supported for IMAP and POP3, but not for SMTP. (We prefer this even over SSL, because if you store the passwords encrypted as well, a break into your servers or an SSL failure doesn't leave the users' passwords as exposed as with plaintext passwords.)
Assignee | ||
Updated•13 years ago
|
Attachment #560906 -
Flags: review?(ben.bucksch) → review-
Assignee | ||
Comment 4•13 years ago
|
||
Assignee: nobody → ben.bucksch
Attachment #560906 -
Attachment is obsolete: true
Status: NEW → ASSIGNED
Assignee | ||
Comment 5•13 years ago
|
||
Attachment #561159 -
Flags: review?
Assignee | ||
Updated•13 years ago
|
Attachment #561159 -
Flags: review? → feedback?(tdessi)
Assignee | ||
Updated•13 years ago
|
Attachment #561158 -
Flags: review?
Assignee | ||
Comment 6•13 years ago
|
||
Comment on attachment 561158 [details] [diff] [review] Config, v2 - Diff Blake, can you please drive this? I won't have much time in the next month, but this needs urgent attention, because the current config is wrong and gives a misleading error message.
Attachment #561158 -
Flags: review? → review?(bwinton)
(In reply to Ben Bucksch (:BenB) from comment #3) > Review, comparing to the existing tiscali.it file: > - Keep the XML header > - Why the change from EMAILLOCALPART to EMAILADDRESS? That's not what this > bug is about. our servers authenticate both EMAILLOCALPART and EMAILADDRESS, maybe it's safer the full EMAILADDRESS (but it's not an issue if you leave EMAILLOCALPART) > - You remove the encrypted passwords. Don't. They are still supported, > and preferred even when over SSL, in case of server hacks etc. OK > I notice the old config was broken! It had normal SSL on IMAP port 143. This > can't work, and doesn't. Worse, we tell the user that his password is wrong! > Gah. :-((( i know, it's the main reason for opening this bug! > The IMAP server doesn't respond to my 1 CAPABILITY command, but maybe that's > the line endings. yes, it is, please use -crlf option with "openssl s_client" command > Tom, can you confirm? > For all of IMAP, POP3, SMTP: > - SSL (with port 993, 995 and 465, respectively) OK > - username is the part before the @ of the email address, e.g. "fred" for > fred@tiscali.it OK (even if i prefer EMAILADDRESS) > - encrypted passwords via CRAM-MD5 are supported for IMAP and POP3, but not > for SMTP. > (We prefer this even over SSL, because if you store the passwords > encrypted as well, a break into your servers or an SSL failure doesn't > leave the users' passwords as exposed as with plaintext passwords.) OK, agreed but please note that CRAM-MD5 is available even on SMTP host (you cannot reach smtp.tiscali.it from outside Tiscali network), so we can use encrypted passords on smtp.tiscali.it too. T.
Updated•13 years ago
|
Attachment #561158 -
Flags: review?(bwinton) → review?(gozer)
Updated•13 years ago
|
Attachment #561158 -
Flags: review?(gozer) → review+
Assignee | ||
Comment 9•13 years ago
|
||
> CRAM-MD5 is available even on SMTP host Great. We should enable that. > you cannot reach smtp.tiscali.it from outside Tiscali network That is a problem however. Could you fix that, please, given that you have authentication on SMTP? We have users who take their notebook to work or McDonald's (Hotspot) and are confused when it doesn't work. Even *I* was confused why the server doesn't react. Ben
Assignee | ||
Comment 11•13 years ago
|
||
- Use email address as username - Use encrypted passwords for SMTP
Attachment #561158 -
Attachment is obsolete: true
Attachment #561362 -
Flags: review?(bwinton)
Assignee | ||
Comment 12•13 years ago
|
||
Attachment #561159 -
Attachment is obsolete: true
Attachment #561159 -
Flags: feedback?(tdessi)
Assignee | ||
Updated•13 years ago
|
Attachment #561362 -
Flags: review?(gozer)
Assignee | ||
Updated•13 years ago
|
Attachment #561363 -
Attachment mime type: audio/x-it → text/xml
Assignee | ||
Comment 13•13 years ago
|
||
Comment on attachment 561363 [details]
Config, v3 - XML
Tom, could you please test this config or give me a test account (you can send to my email address)?
Reporter | ||
Comment 14•13 years ago
|
||
it works! sent a test account to your address
Updated•13 years ago
|
Attachment #561362 -
Flags: review?(gozer) → review+
Comment 15•13 years ago
|
||
Comment on attachment 561362 [details] [diff] [review] Config, v3 - Diff Looks fine to me!
Attachment #561362 -
Flags: review?(bwinton) → review+
Assignee | ||
Comment 16•13 years ago
|
||
Committed as SVN r95271
Assignee | ||
Comment 17•13 years ago
|
||
FIXED
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 18•13 years ago
|
||
OK!
Updated•11 years ago
|
Component: ispdb → ISPDB Server
Product: Mozilla Messaging → Webtools
You need to log in
before you can comment on or make changes to this bug.
Description
•