From guru at unixarea.de Wed Dec 17 16:50:24 2025 From: guru at unixarea.de (Matthias Apitz) Date: Wed, 17 Dec 2025 11:50:24 -0500 Subject: smtp example with openssl s_lient Message-ID: Hello, I'm trying to run the SSL connection used by mutt to my ISP for SMPTP with: $ openssl s_client -connect smtp.1blu.de:465 ... 220 ms-10.1blu.de ESMTP Exim 4.95 Ubuntu Wed, 17 Dec 2025 17:38:48 +0100 EHLO c720-1400094 250-ms-10.1blu.de Hello c720-1400094 [152.206.209.223] 250-SIZE 157286400 250-8BITMIME 250-DSN 250-PIPELINING 250-PIPE_CONNECT 250-AUTH LOGIN PLAIN 250-CHUNKING 250-SMTPUTF8 250 HELP AUTH LOGIN 334 VXNlcm5hbWU6 XXXXXXXXXXXXXXXXXXXX 334 UGFzc3dvcmQ6 XXXXXXXXXXXXXXXXXXXX RENEGOTIATING 281473263360496:error:140940F5:SSL routines:ssl3_read_bytes:unexpected record:../ssl/record/rec_layer_s3.c:1774: The 'XXXXXXXXXXXXXXXXXXXX' values are calculated by $ echo -ne 'username' | base64 $ echo -ne 'password' | base64 and they match exactly what I can see in the mutt's debug file ~/.muttdebug0 But, mutt gets an answer as 235 Authentication succeeded while I get RENEGOTIATING What do I wrong here? Thanks matthias -- Matthias Apitz, ? guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub From mutt+users at esmtp.org Wed Dec 17 18:25:02 2025 From: mutt+users at esmtp.org (Claus Assmann) Date: Wed, 17 Dec 2025 18:25:02 +0000 Subject: smtp example with openssl s_client In-Reply-To: References: Message-ID: <20251217182502.GA71521@veps.esmtp.org> On Wed, Dec 17, 2025, Matthias Apitz wrote: > $ openssl s_client -connect smtp.1blu.de:465 > AUTH LOGIN > 334 VXNlcm5hbWU6 > XXXXXXXXXXXXXXXXXXXX > 334 UGFzc3dvcmQ6 > XXXXXXXXXXXXXXXXXXXX > RENEGOTIATING Is there an 'R' in the XXX? AFAIR that triggers the "RENEGOTIATING" from s_client. Check whether there's some way to turn that off (it's not in the man page on my machine). From guru at unixarea.de Wed Dec 17 20:39:49 2025 From: guru at unixarea.de (Matthias Apitz) Date: Wed, 17 Dec 2025 15:39:49 -0500 Subject: smtp example with openssl s_client In-Reply-To: <20251217182502.GA71521@veps.esmtp.org> References: <20251217182502.GA71521@veps.esmtp.org> Message-ID: There are two times the 'R' in the base64 coded password. I can?t change the password, I will look in the s_client source. Sorry for the Top posting. Matthias -- Matthias Apitz E-mail: guru at unixarea.de WWW: http://www.unixarea.de/ phone: +49-170-4527211 Am 17.12.2025 13:25, schrieb Claus Assmann: > On Wed, Dec 17, 2025, Matthias Apitz wrote: > >> $ openssl s_client -connect smtp.1blu.de:465 > >> AUTH LOGIN >> 334 VXNlcm5hbWU6 >> XXXXXXXXXXXXXXXXXXXX >> 334 UGFzc3dvcmQ6 >> XXXXXXXXXXXXXXXXXXXX >> RENEGOTIATING > > Is there an 'R' in the XXX? > > AFAIR that triggers the "RENEGOTIATING" from s_client. > > Check whether there's some way to turn that off > (it's not in the man page on my machine). From ml at kurokatta.org Wed Dec 17 20:51:58 2025 From: ml at kurokatta.org (David Haguenauer) Date: Wed, 17 Dec 2025 20:51:58 +0000 Subject: smtp example with openssl s_client In-Reply-To: <20251217182502.GA71521@veps.esmtp.org> References: <20251217182502.GA71521@veps.esmtp.org> Message-ID: <0100019b2e157b73-1c4d9c58-75ef-49ce-91fd-43dc4158e68f-000000@email.amazonses.com> * Claus Assmann , 2025-12-17 18:25:02 Wed: > On Wed, Dec 17, 2025, Matthias Apitz wrote: > > $ openssl s_client -connect smtp.1blu.de:465 > > XXXXXXXXXXXXXXXXXXXX > > RENEGOTIATING > Is there an 'R' in the XXX? > > AFAIR that triggers the "RENEGOTIATING" from s_client. > > Check whether there's some way to turn that off > (it's not in the man page on my machine). That must be it. It looks like `openssl s_client -quiet' will disable the interactive interpretation of "R" (and some other commands) at the start of a line. My man page for `s_client' says: ---- When used interactively (which means neither -quiet nor -ign_eof have been given), then certain commands are also recognized which perform special operations. These commands are a letter which must appear at the start of a line. They are listed below. [...] R Renegotiate the SSL session (TLSv1.2 and below only). ---- -- David Haguenauer From guru at unixarea.de Wed Dec 17 22:55:37 2025 From: guru at unixarea.de (Matthias Apitz) Date: Wed, 17 Dec 2025 17:55:37 -0500 Subject: smtp example with openssl s_client In-Reply-To: <0100019b2e157b73-1c4d9c58-75ef-49ce-91fd-43dc4158e68f-000000@email.amazonses.com> References: <20251217182502.GA71521@veps.esmtp.org> <0100019b2e157b73-1c4d9c58-75ef-49ce-91fd-43dc4158e68f-000000@email.amazonses.com> Message-ID: El d?a mi?rcoles, diciembre 17, 2025 a las 08:51:58p. m. +0000, David Haguenauer escribi?: > * Claus Assmann , 2025-12-17 18:25:02 Wed: > > On Wed, Dec 17, 2025, Matthias Apitz wrote: > > > $ openssl s_client -connect smtp.1blu.de:465 > > > XXXXXXXXXXXXXXXXXXXX > > > RENEGOTIATING > > Is there an 'R' in the XXX? > > > > AFAIR that triggers the "RENEGOTIATING" from s_client. > > > > Check whether there's some way to turn that off > > (it's not in the man page on my machine). > > That must be it. It looks like `openssl s_client -quiet' will disable > the interactive interpretation of "R" (and some other commands) at the > start of a line. My man page for `s_client' says: > > ---- > When used interactively (which means neither -quiet nor > -ign_eof have been given), then certain commands are also recognized > which perform special operations. These commands are a letter which > must appear at the start of a line. They are listed below. [...] > > R Renegotiate the SSL session (TLSv1.2 and below only). > ---- Thanks to all who replied. Using -quiet did the trick. matthias -- Matthias Apitz, ? guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub