Closed Bug 690686 Opened 13 years ago Closed 12 years ago

[config] free.fr now supports SSL on incoming servers

Categories

(Webtools :: ISPDB Database Entries, defect)

Product:
Webtools
Component:
ISPDB Database Entries
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: el.cameleon.1, Assigned: el.cameleon.1)

References

(
URL
)

Details

(Whiteboard: [config])

Attachments

(1 file, 7 obsolete files)

Patch, v3
2.66 KB, patch
gozer
: review+
BenB
: review+
Details | Diff | Splinter Review 
imap.free.fr (famous French ISP) now support secure connection throught SSL and port 993.

Source: http://www.free.fr/assistance/2514-interet-et-fonctionnement.html

We need to update the autoconfiguration file which actually use unsecure connection.
Attachment #563684 - Flags: review?(sancus)
Assignee: nobody → el.cameleon.1
Sure that POP3 and SMTP still don't support any SSL?
Well, I just have a discussion with Yohan (one of the official representant of Free.fr) and he tells me that POP also support SSL since the begining of September. So I need to do a little more tests in order to update the configuration file.

However, SMTP only support authentification if the user ask for it, so we cannot enable it by default.
Attached file secure connection for POP and IMAP (obsolete) — 
Finally, Free has succeed to update its POP server to SSL :-)
Here is the final file.

Please contact me by private message if you need a test account. I am not completely sure of my works as I don't know how to test this autoconfiguration file :-(
Attachment #563684 - Attachment is obsolete: true
Attachment #563684 - Flags: review?(sancus)
Thanks, cameron. I can check later.

> SMTP only support authentification if the user ask for it

Could you please kick Yohan, your "official representant of Free.fr", that this is a real problem for us and our users? We need a config that "just works", the user cannot be aware of such things, users have no clue about this. Tell him that people want to check their mail in the office or at McDonald's, with Thunderbird.
(In reply to Ben Bucksch (:BenB) from comment #4)
> Thanks, cameron. I can check later.
> 
> > SMTP only support authentification if the user ask for it
> 
> Could you please kick Yohan, your "official representant of Free.fr", that
> this is a real problem for us and our users? 

Well, I try:
> J'ai du mal à comprendre... La plupart des gens utilisent un portable de nos jours et se 
> connectent depuis de multiples endroits (famille, hotel, resto,...). Pourquoi les forcer à 
> cocher une option bien planquée dans l'Interface de gestion de Free pour que ça fonctionne? 
> Pourquoi les forcer à configurer manuellement l'interface de gestion puis Thunderbird pour 
> quelque chose qui pourrait être activé par défaut???

Yohan's answer:
> Parceque on veut que ce soit comme ca :)

Which means that there is no explanation to ask, they simply do not want to enable authentication by default :-(
I can only hope that he's not the one deciding this.
So, do you want to update the file like it is, or should we use the "visiturl" tag in order to direct the users to the instruction provided by Free [1] which allows to enable secure SMTP?


[1] http://www.free.fr/assistance/2407-interet-et-fonctionnement.html
(In reply to caméléon from comment #7)
> So, do you want to update the file 

sorry, I mean "upload", not "update"...
add documentationurl to the file
Attachment #570329 - Attachment is obsolete: true
Good idea, thanks. We currently don't use the visiturl in Thunderbird, but it's good to have it recorded for when we do.
add "visiturl" in order to point to the instructions provided by Free in order to activate authentification on the smtp
Attachment #574253 - Attachment is obsolete: true
Hi gents,
Is there something that prevent this configuration file to replace the old one and consequently that we can close this bug?
No, I just need to review and test it. I was away.
Attachment #574280 - Flags: review?(ben.bucksch)
(In reply to Ben Bucksch (:BenB) from comment #13)
> No, I just need to review and test it. I was away.

any update?
(In reply to Ben Bucksch (:BenB) from comment #13)
> No, I just need to review and test it. I was away.

Hi Ben,

Sorry to come back, I still need your approval for this patch too.
cameleon, please make sure you to keep the XML header <?xml version="1.0" encoding="UTF-8"?> and to save the file as UTF-8 (without BOM). The file here was Latin-1.
smtp.free.fr blackholes port 465!!! That means that when a user tried to use that server with SSL, the client stalls for about 2 minutes, and then times out. That is super-bad. This is a misconfigured firewall. It should send connection-refused like everybody else.
STARTTLS doesn't work either.
    <enable visiturl="http://www.free.fr/assistance/2407-interet-et-fonctionnement.html">
      <instruction lang="en">You need to enable authenticated SMTP manually before using it</instruction>
      <instruction lang="fr">Vous devez activer le SMTP authentifié avant de l'utiliser</instruction>
    </enable>

I went there, and went to <https://subscribe.free.fr/login/>, but I cannot find any "SMTP authentifié" option anywhere. I did see "Blocage SMTP sortant" in 2 different pages, but nothing about authentication or SSL.
(BTW: You used "secure SMTP" as translation for "SMTP authentifié", but "secure SMTP" is usually read as "SSL", not "autenticated". I have already corrected that.)

I tried to contact smtp.free.fr:25 from outside the Free network, and I get "Client host rejected: Access denied". However, if I use smtp.free.fr:587, I get:
$ netcat smtp.free.fr 587
220 smtp6-g21.free.fr ESMTP Postfix
EHLO dfh
250-smtp6-g21.free.fr
250-PIPELINING
250-SIZE 35000000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
in reply to Ben's last comment
(In reply to Ben Bucksch (:BenB) from comment #18)
>     <enable
> visiturl="http://www.free.fr/assistance/2407-interet-et-fonctionnement.html">
>       <instruction lang="en">You need to enable authenticated SMTP manually
> before using it</instruction>
>       <instruction lang="fr">Vous devez activer le SMTP authentifié avant de
> l'utiliser</instruction>
>     </enable>
> 
> I went there, and went to <https://subscribe.free.fr/login/>, but I cannot
> find any "SMTP authentifié" option anywhere. I did see "Blocage SMTP
> sortant" in 2 different pages, but nothing about authentication or SSL.

I think you need first to create a mail address, and then to log on Free with this mail address, not with the main Free account. See this screenshot
Re comment 19: That's bug 556750. :-(
Attached patch Patch, v2 (obsolete) — Splinter Review 

        Attachment #574280 -
        Attachment is obsolete: true

        Attachment #597378 -
        Attachment is obsolete: true

        Attachment #597379 -
        Attachment is obsolete: true

        Attachment #574280 -
        Flags: review?(ben.bucksch)

        Attachment #597383 -
        Flags: review?(gozer)

    
  

        Attachment #597383 -
        Flags: review+

    
    

    
  
I tested this config, and it works, without any changes in the admin panel.

(The user won't be able to send mail when he's outside the Free network, but that's bug 556750.)

    
    

    
  
caution: it seems that the patch v2 is now about laposte.net, not free.fr !

    
  
Summary: Autoconfiguration for imap.free.fr needs to be updated → [config] free.fr now supports SSL on incoming servers
Whiteboard: [config]

    
    

    
  

      
      
      
      

        Attached patch
          
          
        Patch, v3Splinter Review
      

    


  
Sorry, I attached the wrong file. This is the correct one.

        Attachment #597383 -
        Attachment is obsolete: true

        Attachment #597383 -
        Flags: review?(gozer)

        Attachment #597390 -
        Flags: review?(gozer)

    
  

        Attachment #597390 -
        Flags: review+

        Attachment #597390 -
        Flags: review?(gozer) → review+

    
    

    
  
Commited as SVN revision 101839
FIXED

SMTP auth problem persists and is tracked in bug 556750.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Component: ispdb → ISPDB Database Entries
Product: Mozilla Messaging → Webtools

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: