Closed Bug 855561 Opened 8 years ago Closed 3 years ago

[Buri][Shira-48047][Email] Support SMTP servers that do not require authentication.

Categories

(Firefox OS Graveyard :: Gaia::E-Mail, defect, P3)

ARM
Gonk (Firefox OS)
defect

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: sync-1, Unassigned)

References

Details

(Keywords: feature, Whiteboard: Poland, IOT, Buri)

AU_LINUX_GECKO_ICS_STRAWBERRY_V1.01.00.01.19.044
 Firefox os  v1.0.1
 Mozilla build ID: 20130319070203
 
 +++ This bug was initially created as a clone of Bug #429986 +++
 
 DEFECT DESCRIPTION:
 Very limited options while setting up account using manual setup.
 
 REPRODUCING PROCEDURES:
 Device gives very limited options for email account setup.
 while setting up an account manually there is option to setup the port no. but there is no option to select whether to use SSL or TLS or plain text only. There is also no option to select whether to use authentication for SMTP or not and there is no option for password.
 
 
 Customer Impact Statement: 
 User may face problems working with some mail accounts. E.g. if port 587 is used with SSL but by default 587 is recognised by device as plain text. So device will not be able to cnnect to servers using SSL on port 587.
 
 EXPECTED BEHAVIOUR:
 There should be flexibility to choose security etc.
 
 ASSOCIATE SPECIFICATION:
 
 TEST PLAN REFERENCE:
 
 TOOLS AND PLATFORMS USED:
 
 USER IMPACT:
 
 REPRODUCING RATE:100%
 
 For FT PR, Please list reference mobile's behavior:
 
 ++++++++++ end of initial bug #429986 description ++++++++++
 
 
 
 CONTACT INFO (Name,Phone number):
 
 DEFECT DESCRIPTION:
 
 REPRODUCING PROCEDURES:
 
 EXPECTED BEHAVIOUR:
 
 ASSOCIATE SPECIFICATION:
 
 TEST PLAN REFERENCE:
 
 TOOLS AND PLATFORMS USED:
 
 USER IMPACT:
 
 REPRODUCING RATE:
 
 For FT PR, Please list reference mobile's behavior:
Bug 847032 is our STARTTLS tracking bug for e-mail.  That's a mozTCPSocket problem that limits what the e-mail app can do.

We currently do not want to support unencrypted connections because there are very obvious privacy and security problems with doing so.  As a user-centric organization, we would be much better off porting the capability from Thunderbird that helps users create new accounts at providers that support SSL.

For supporting SMTP servers that don't require authentication (possibly because of temporary whitelisting of the user's IP address based on IMAP authentication), it does make sense to add a combo-box that indicates whether we need to first IMAP auth or whether the SMTP server is wide-open because of other white-listing.  That should be spun off as a bug just scoped to that problem; I don't see any existing bugs for it.

SMTP servers with different credentials is also a real bug, currently tracked as bug 805501.
Depends on: 847032
Summary: [Buri][TMO-48047][Email]Very limited options while setting up account using manual setup. → [Buri][Shira-48047][Email]Very limited options while setting up account using manual setup.
blocking-b2g: --- → tef?
I think this about adding new features to v1.0.1, hence, would like ffos product team to decide here.
Flags: needinfo?(ffos-product)
> For supporting SMTP servers that don't require authentication (possibly
> because of temporary whitelisting of the user's IP address based on IMAP
> authentication), it does make sense to add a combo-box that indicates
> whether we need to first IMAP auth or whether the SMTP server is wide-open
> because of other white-listing.  That should be spun off as a bug just
> scoped to that problem; I don't see any existing bugs for it.

I do believe there is value in adding this functionality into the setup flow.  

This doesn't sound trivial, but I'll let asuth comment on the LOE and risk profile for this change.
Flags: needinfo?(ffos-product)
(In reply to Chris Lee [:clee] from comment #3)
> This doesn't sound trivial, but I'll let asuth comment on the LOE and risk
> profile for this change.

There are 3 ways we could do this:

Automatic: Try and detect SMTP servers that don't require authentication during our SMTP probing.  This requires more work, specifically changes to the SMTP prober and some investigation of the best way to handle.  We can probably avoid slowing down the autoconfig path if we either only try without auth as a fallback path to it being angry about us trying with auth.

Manual: Don't do automatic, require use of the manual setup option.  *This will require new strings*

Both: Try and do automatic, but also have the manual option (still requires new strings).

None of the variants are particularly difficult; our SMTP library is already capable of logging in without using credentials.  Depending on how thorough we go with unit tests and testing, all solutions are just a day or two of engineering time.
If this intended to be done for v1.0.1 we need a decision asap.
Flags: needinfo?(clee)
Flags: needinfo?(kev)
I don't see this as necessary for v1.0.1.  We can target this for a future release.
Flags: needinfo?(kev)
Flags: needinfo?(clee)
ok, tef- is then. 

If the reporter has still some concerns I'd suggest you talk directly to FFOS product team.
blocking-b2g: tef? → -
Whiteboard: Poland, IOT, Buri
Shira carrier reported, nominate for future consideration
blocking-b2g: - → koi?
Priority: P2 → P3
Summary: [Buri][Shira-48047][Email]Very limited options while setting up account using manual setup. → [Buri][Shira-48047][Email] Support SMTP servers that do not require authentication.
Keywords: feature
triage: feature request, not blocking 1.2. Peter will follow up on prioritzation of this one.
blocking-b2g: koi? → ---
Flags: needinfo?(pdolanjski)
blocking-b2g: --- → 1.3?
:WDM,:jcheng, can you provide more information on the carrier desire here.  Is the request actuall for IMAP-then-SMTP or POP-then-SMTP to deal with the authentication needs of the SMTP server that does not want actual authentication?  If we just support turning off authentication, but one of those is actually what is required, there might be failures that are hard to diagnose, etc.
Flags: needinfo?(wmathanaraj)
Over to Adam for prioritization.
Flags: needinfo?(pdolanjski) → needinfo?(arogers)
Operator request is POP-then-SMTP.
Flags: needinfo?(wmathanaraj)
(In reply to Wilfred Mathanaraj [:WDM] from comment #12)
> Operator request is POP-then-SMTP.

Do we know what domain(s) this is for and whether we can get test credentials for one or more of them?
Flags: needinfo?(wmathanaraj)
triage: feature request. removing the blocking flag and will consider it for prioritization in a later release. also would like to wait and see if we get any feedback from partners to see if this is causing significant problems for customers.
blocking-b2g: 1.3? → ---
no further feedback from partner and hence removing the NI on me - please implement and test as internally required.
Flags: needinfo?(wmathanaraj)
Feature Request.
Flags: needinfo?(arogers)
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.