dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
30

StuartMW
Premium Member
join:2000-08-06

StuartMW to Mele20

Premium Member

to Mele20

Re: What is this error?

Is SMTP "Use secure connection" set to TLS?

See the bottom of this page

»products.secureserver.ne ··· bird.htm
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

My ISP does not use secure connection and I have never used that with dslr mail either and don't want to start. Email is just a postcard. If I need a secure email I have one in Israel. (But because I have the free version NSA can get the emails but not if I decide to pay ..so they claim and I think that is true since they can't even access except for the free service).

Anyhow, why suddenly would I need a secure connection to dslr mail server since I never have before?

I have to sleep now....so won't be replying for awhile.

StuartMW
Premium Member
join:2000-08-06

1 edit

StuartMW

Premium Member

said by Mele20:

Email is just a postcard. If I need a secure email I have one in Israel.

I think you're confusing secure email sending/receiving and encrypted email. They're not the same thing.

Using SSL/TLS with email servers (POP3/SMTP) is analogous to using HTTPS. The connection between you and the server is encrypted. That is useful if you want to stop every Tom, Dick and Harry (e.g. your ISP, if you're on public open Wi-FI) scanning your traffic as it goes by. End of story.

With email you're correct--it's a postcard. Using secure email sending/receiving doesn't change that. If one wants to stop the three-letter agencies reading their email one must encrypt the body (text of the email) before its sent. The receiver must also be able to decrypt the body (i.e. have software and the senders key).

Two entirely different things. For some reason people mix them up.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS to Mele20

MVM

to Mele20
said by Mele20:

My ISP does not use secure connection and I have never used that with dslr mail either and don't want to start.

May be true for TWC (TLS is not required with port 587), but might not be true for DSLR (TLS is recommended with port 587); per RFC 4409. Also, with TWC, are you certain you can use just "Username" at the login? Some ISPs require the full email address.

I don't see why what you don't want matters; the service wants things a certain way, and you either conform, or you don't use the service.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

1 edit

Mele20 to StuartMW

Premium Member

to StuartMW
Err...I didn't mix anything up. I do understand and I wish you hadn't posted that link in the Security forum saying I don't understand how email works encrypted or unencrypted with or without secure email sending. You are simply making unwarranted assumptions here. I PURPOSELY did not divulge the name of the Israeli email provider or how email and privacy are handled by it. I did give a clue though as I said I have the free service (implying there is also a paid service) and that it (the free version) is not truly secure against entities like NSA. Of course, maybe nothing is secure against NSA as maybe NSA has bought off this email provider. I am rather surprised they have not gone out business like similar ones have so I am suspicious they may have been bought off thus I hesitate to get the paid service.

My real point is that I don't give a hoot whether or not dslr.net mail is secure sending or not. Why would anyone care? NSA reads it all and we all know email is a post card. I use Road Runner email accounts also. I have to hand it to TWC in that they have never tried to snooker their customers, like some other ISPs have, claiming encryption between me and their server gives me any real privacy. TWC does not allow encrypted connection between their customers and TWC email servers. They are not as hypocritical as some ISPs.

What would piss me off would be if Justin told us that all IMs here are read by NSA and that he has agreed to this (backdoor would be a different story - but then maybe the Windows backdoor in all Windows machines since 95 allows this without Justin saying yea or nay).

Edit: Plus, none of it matters according to the latest revelations from the Guardian. Bruce Schneier is right. The engineers who created the internet have to take back control of it and fix the problems so this can never happen again. The USA must be stripped of its guardianship. It doesn't matter if if the Israeli email provider has or hasn't been bought off. It doesn't matter if dslr mail uses a secure connection between the user and the dslr mail server nor does it matter if email is encrypted or not. If NSA wants it they will get it until the power to control the Internet is taken away from the USA (and British) and reforms are made.
Mele20

Mele20 to NormanS

Premium Member

to NormanS
I didn't set it to port 587. Thunderbird set it to port 0 a few days ago which made no sense so I think, in retrospect, that Thunderbird was just showing port 0 but had actually set it at 587. It was originally set at port 25 by me not 587. Maybe Thunderbird is smart enough to change it as apparently port 25 stopped working for awhile. I also used my ISP's server for awhile for sending dslr mail but that stopped working the other day too probably because it uses port 25.

Last night, I sent two emails before retiring. One was a test one to a Road Runner account and the other was a reply to a software vendor about the bug I reported. I had to try several times but then they sent and showed up in the Sent folder. But today, the test one was not in my RR email Inbox. So, that one sent, according to TBird, but didn't get to my RR email account. I don't know if the vendor got the one I sent him or not.

So, I set dslr email server to port 25 again. I sent two test emails from dslr account (using dslr email server not Road Runner server) to different RR accounts. They both sent instantly with no problems and arrived quickly. I also sent one to a non Road Runner account and it arrived (but in the spam folder). So, I think there was some kind of glitch where port 25 stopped working for awhile and now works again with dslr mail server.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

I haven't used port 25 in years; at least since Yahoo! Japan enabled port 587 some time in 2003, anyway. My ISP at the time was SBC, and had implemented outbound blocking of port 25 in 2002. My new ISP, Sonic.net, blocks port 25 in both directions on dynamic residential accounts.

In fact, port 25 blocking is so prevalent on U.S. ISPs that any ESP which is worth using will offer Message Submission on either port 465, or port 587, if not both. Port 465 always requires SSL; port 587 often, but not always, requires TLS.

I currently can use port 25 because I have a static IP address; and my ISP policy allows running mail servers with static IP addresses. If I were to send an email to any of your email addresses, I can send it through a local SMTP server on my LAN. But I continue to use designated Message Submission ports with other servers, because it is easier when mobile.

My ISP keeps no connection records past two weeks (at least until the U.S. DoJ can convince the U.S. Congress to require record retention for a longer period).

People who stubbornly insist on using port 25 from dynamic residential accounts will usually encounter difficulties at some point in time.

StuartMW
Premium Member
join:2000-08-06

StuartMW to Mele20

Premium Member

to Mele20
said by Mele20:

Err...I didn't mix anything up. I do understand and I wish you hadn't posted that link in the Security forum saying I don't understand how email works encrypted or unencrypted with or without secure email sending. You are simply making unwarranted assumptions here.

My mistake and sorry. My point was that there are many many people, including so-called "experts", that don't know the difference.

Another problem is what some consider "email". I mean in its original internet usage (SMTP, POP3 and IMAP protocols). That was never designed to be secure (it just wasn't an issue at the time). Nowadays about the only way you can have a private conversation is to use the "cone of silence" and we all know how good that was.
19579823 (banned)
An Awesome Dude
join:2003-08-04

19579823 (banned)

Member

 

Yes I can agree with that!! (Its amazing how many people DO NOT KNOW THERE IS A DIFFERENCE BETWEEN JAVA AND JAVASCRIPT (They think they are the same!))
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20 to NormanS

Premium Member

to NormanS

Re: What is this error?

said by NormanS:

In fact, port 25 blocking is so prevalent on U.S. ISPs that any ESP which is worth using will offer Message Submission on either port 465, or port 587, if not both. Port 465 always requires SSL; port 587 often, but not always, requires TLS.

People who stubbornly insist on using port 25 from dynamic residential accounts will usually encounter difficulties at some point in time.

I guess TWC must not be worth using then since Port 25 is NOT blocked for use both inside and outside TWC mail servers UNLESS the user's computer has been identified as being infected and then port 25 is temporarily blocked until the infection is cleared up. Port 587 is offered but all of us who have had RR for 10 or more years have not been informed that we need to reconfigure our email clients to use port 587 so most of us are still using port 25.

Plus, when I set up Thunderbird on this Windows 8 computer last December, I was told to use port 25 outbound via Road Runner Help support article. A few months ago, Road Runner Help site was retired in favor of the new extremely depressing looking and extremely NON-helpful TWC Help which doesn't have any real help regarding setting up email clients as obviously TWC wants everyone to only use their horrifically bad webmail instead (so they can sell ads). But they do have a new help article that states that port 25 for SMTP server is not blocked except in the case of an infected computer to stop it from spewing out a lot of spam while infected.

TWC evidently though, has a new email system in certain divisions but not in mine. My Road Runner addresses are still @hawaii.rr.com and new users are still issued a master email account by the Oceanic installer and it cannot be changed or used (if you care about privacy) and you must immediately create at least one sub-account for use. (I assume the new system has been introduced to solve getting rid of paying royalties for the use of "RR" in the email addresses for new customers.

I would expect Oceanic to inform me if using port 25 is a no-no. Since they have not informed me of this, I can't see how using it could be problematic.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by Mele20:

I guess TWC must not be worth using then since Port 25 is NOT blocked for use both inside and outside TWC mail servers UNLESS the user's computer has been identified as being infected and then port 25 is temporarily blocked until the infection is cleared up. Port 587 is offered but all of us who have had RR for 10 or more years have not been informed that we need to reconfigure our email clients to use port 587 so most of us are still using port 25.

If they offer port 587, then they are worth using. The policy you describe was formerly also used by Comcast; but they are changing to full-on port 25 blocking, to the consternation of many of their subscribers. I didn't know the TWC policy; but there is no guaranty that it won't change.

I have accounts with AOL, Google, Outlook.com (formerly Hotmail), and AT&T/Yahoo!. All offer message submission on port 465 with SSL; and AOL and Google also on port 587; but I use port 465 with all of them (except Outlook.com; I use the DeltSync protocol in Windows Live Mail). My ISP also offers SMTP submission over port 465 as well.

And, no; I don't use SSL because I think it does anything more than provide client-to-sever password security. I use it because it is required by the services for port 465 access.
NormanS

NormanS to Mele20

MVM

to Mele20
said by Mele20:

My ISP does not use secure connection ... and don't want to start.

Error states, in part, "The mail server responded: 5.7.0 Must issue a STARTTLS command first." That seems to contradict the claim that "My ISP does not use secure connection". So why not try it:

Port 587 in Thunderbird.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

The error was for dslreports email server not my ISP.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA

NormanS

MVM

The error explicitly states that STARTTLS is expected; which ever server is throwing the error, set that server as I have shown and try again.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

It only did it for a brief period. The next day it was back to normal using port 25 and no connection security. TTLS is not required and I'm not using it if I don't have to. This is why I asked about the error. I didn't think I should have been getting it.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

But your screen shot shows Thunderbird using port 587? I guess I don't get it; but it seems simple enough. If you use port 587, and get an error about required use of STARTTLS, use it.

There are three basic RFCs covering SMTP:

»www.faqs.org/rfcs/rfc5321.html
»www.faqs.org/rfcs/rfc5322.html
»www.faqs.org/rfcs/rfc4409.html

The first two build on older RFCs, and pretty much define port 25 as the "Mail Transfer" port. Unless you are running a mail server, you don't need to use port 25, unless your ESP isn't compliant with current implementation of the RFCs.

The third defines end-user client access as "Message Submission", and strongly urges (but does not require) the use of port 587 for client access.

Then there is the de facto "standard" secure port for "Message Submission": Port 465.

There is no "THE SMTP port, but three commonly used ports covering two distinctly different SMTP operations.

Use port 25 if you must, and can; but understand that services offering message submission over port 25 are not guaranteed to continue the practice. I am guessing that you are not a mobile user; but those who connect while on the road usually will find port 25 access to be unreliable, dependent on the host system policies.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

Ah, now I see the confusion. Thunderbird changed it to 587. I had it on 25. The error confused me because I didn't know Thunderbird changed the port and I didn't see why I should get that error when using port 25 which I have used ever since I got dslr mail account many years ago and have always used with my ISP also. So, I knew I shouldn't be getting that error message and that's why I posted about it.

My ISP's Help files have always had the user configure port 25 for SMTP. Why would I change that unless my ISP told me I had to change it? Why would I change dslr's unless this site said I had to change it?

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by Mele20:

Ah, now I see the confusion. Thunderbird changed it to 587.

Thunderbird will do that. Mozilla seems to know the servers and ports which work with a number of ESPs; and will preselect during account setup. I have only had to override the Thunderbird defaults when setting up for '@pacbell.net' accounts; they still haven't figured out that the old, legacy SBC domains should use the Yahoo! servers with SSL selected,

Why would I change dslr's unless this site said I had to change it?

Oh, I don't know; I am just know-nothing SMTP guy ... Maybe because they work?

DSLR Mail:
C:\util\dig>telnet mail.dslr.net 587
Connecting To mail.dslr.net...
 
220 mail.dslr.net ESMTP Postfix (Ubuntu)
quit
221 2.0.0 Bye
 
Connection to host lost.
 

TWC (former RR) Mail:
C:\util\dig>telnet smtp-server.hawaii.rr.com 587
Connecting To smtp-server.hawaii.rr.com...
 
220 Welcome to Road Runner. WARNING: *** FOR AUTHORIZED USE ONLY! ***
quit
221 hrndva-omtalb.mail.rr.com closing connection
 
Connection to host lost.
 

Damned code tags are FUBAR?
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

Actually, Mozilla has never heard of dslr mail. I had a horrible time setting up Thunderbird because of this for dslr mail. i had to post about it several times both here in the old mail forum and in Thunderbird newsgroup. But yes, for common ISPs, Mozilla knows which servers and ports and will set up the account for you...but not for dslr mail. It was really thrown by my using a permanent alias with the dslr account. So, it never occurred to me that Thunderbird had changed the SMTP port on this account. I think it is weird that it did that all of a sudden ...not when I set up the account but recently....weird.

I never said RR mail won't use 587. Of course it will. But RR users (not the NEW TWC mail users...that's a different ball of wax) are still told to use Port 25.

As long as port 25 works why not use it? There's too much change just for the sake of change rather than because there is great improvement in the change over the status quo. It's more and more of a problem with the internet....constant change for no solid, good reason where the change provides considerable improvement and does not introduce drawbacks that were not in the status quo. Things should not fiddled with nearly as often as they are....rather something should be so solidly built that it won't need change for a long time (like XP still going strong. I'm on my XP Pro computer now. I haven't been on it in about three weeks or more and it is SO MUCH BETTER an OS than Windows 8 on a Desktop and Outlook Express runs circles around Thunderbird as it is a joy to use ....Thunderbird is BLOATED and a real hassle to learn because it is so bloated).

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

The SMTP ports were defined by 1996. A lot of ISPs moved to blocking port 25 in 2002. I couldn't begin to describe how many people have complained that they can't access port 25 over the last decade, who had to be informed that change was necessary.

The change isn't just for the sake of change; it definitely helps mitigate spam issues. For the "road warrior" it is a godsend.

I first encountered port 25 problems in 2001, while visiting my sister in Oregon. I tried to send an email (Outlook Express!), and received a "Relaying not allowed" error from 'mail.pacbell.net'. Worked fine at home, from an SBCIS IP address, but not from Oregon, from a Comcast IP address. The immediate, short term solution was to use 'smtp.comcast.net'; but that was a long term nuisance. I had to remember to change the OEXP configuration with every location change. The long term solution was to use the SBC authenticating message submission server: 'smtpauth.sbcglobal.net:587'. Set it once in the client, and never worry about where I am when I try to send. That was a major improvement to the "status quo" from my perspective.

If port 25 works, and you never use your computer away from home, fine. But many need something "better".

And Thunderbird is miles ahead of OEXP; in fact, I don't miss OEXP one solitary bit. Now excuse me while I fire up the second Mozilla Profile and check my mother's email ...
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

You don't have webmail? I hate RR webmail but I use it when traveling or better I use web2mail.com which has a far better interface and no ads (insulting that my ISP treats us so badly with their crappy webmail). No problems then with ports being blocked. I use public computers when I travel. I don't travel a lot as it has to be by air which is expensive and I don't like laptops so if I need a computer when traveling I go to a public library or internet cafe. I actually welcome getting away from computers for awhile.

I can see if one travels for business reasons that you would need to drag a computer with you and have good email, etc. Thank goodness, I don't have to do that.

For years now, email has been a necessary evil and nothing more. I haven't used it for personal communication in years with one exception of someone also on Hawaii RR, but that too has stopped. Email is not fit for personal communication and is needed only for forum signups, retrieval of lost/forgotten passwords, dealing with businesses that send invoices, etc in email or tech support that is by email. And for newsgroups. OE is SO MUCH better than Thunderbird for newsgroups. The problem with Tbird is that it has become very bloated. It used to be almost identical to OE and I liked it back then.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by Mele20:

You don't have webmail? I hate RR webmail but I use it when traveling or better I use web2mail.com which has a far better interface and no ads (insulting that my ISP treats us so badly with their crappy webmail). No problems then with ports being blocked. I use public computers when I travel.

I have it, but rarely use it. I bring my computer with me, if I need it while traveling. I use my laptop with public hotspots. Port blocking is not an issue; but either SSL or TLS should be used on public hotspots for password security.

For years now, email has been a necessary evil and nothing more. I haven't used it for personal communication in years with one exception of someone also on Hawaii RR, but that too has stopped. Email is not fit for personal communication and is needed only for forum signups, retrieval of lost/forgotten passwords, dealing with businesses that send invoices, etc in email or tech support that is by email. And for newsgroups. OE is SO MUCH better than Thunderbird for newsgroups. The problem with Tbird is that it has become very bloated. It used to be almost identical to OE and I liked it back then.

If I need to discuss things I don't want "Bob" to know about, I won't take it to email.

I prefer a dedicated news client for NNTP service (Usenet).

Looking at my resource usage, with Thunderbird running, I honestly don't see this "bloat".
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

I didn't mean resource usage. Thunderbird has too many options and the length and amount of support articles is daunting.

The only newsgroups I subscribe to in recent years are GRC and Mozilla so an email client should be ok for that and OE has been but Thunderbird, for instance, lacks the ability to start a newsgroup with all threads collapsed. Plus, it opens at random, sometimes to a thread from weeks ago, instead of always opening at the top with all threads collapsed. It wasn't even easy to get ">" back for newsgroup reading/quoting instead of the irritating colored vertical lines. I found two extremely lengthy articles on how to do it and still had to ask in the Mozilla Thunderbird newsgroup.