Comments (4)
Please take a look at #126 - I ended up keeping the discussion of the arguments more terse, and adding a new section that goes into more detail. Now with moar cross-references!
from aiosmtpd.
There was just a StackOverflow question on the topic. It seems currently to be slightly easier to create a TLS-on-connect server than a STARTTLS server. Both could probably be exemplified in the docs.
https://stackoverflow.com/q/45447491/how-do-i-properly-support-starttls-with-aiosmtpd
Examples are a good thing.
But in any case, the description of the parameters & their effects needs to be correct and complete.
These are not mutually exclusive. A first step would be for someone with commit privs to cut and paste the edit that I provided into the docs...
Sorry I'm late. Thanks for addressing this. It's much better. One divot.
I disagree with including the "and require_starttls should be True" clause in the parameter summary.
I think what I wrote is the correct functional description. A tls_context is required for STARTTLS to be offered. require_starttls disables all but a small subset of commands until a TLS link is established.
"require_starttls should be True" is a value judgement - well intentioned - that security is important. I happen to agree, but it has nothing to do with whether STARTTLS is offered or can be used. In fact, require_starttls cannot be used for a public server that accepts mail for local delivery (section 4 of 3207):
A publicly-referenced SMTP server MUST NOT require use of the
STARTTLS extension in order to deliver mail locally.
require_starttls is valuable for a server that requires authentication for the server to accept mail (typically a relay, but sometimes a server that only serves a restricted set of clients). The primary reason is that the most common authentication mechanisms transmit plaintext passwords; these MUST NOT be transmitted unencrypted. A server that functions only as a relay (has no local delivery or is not publicly referenced) can require authentication for all transactions. In this case, require_starttls can reduce the server's attack surface.
Security commentary (3207 and the AUTH/SASL RFCs have a fuller discussion):
TLS serves two functions: verifying that a connection is established to the intended host, and providing confidentiality of the information transferred. In the SMTP/LMTP context, TLS does not provide end-to-end confidentiality of e-mail. It can provide assurance that the email is delivered to the correct host. And in the case of servers that require authentication, it can ensure confidentiality of the authentication process - especially username & password. A plaintext password MUST never be transmitted without TLS or an equivalent security layer.
A server may change the supported commands (listed by HELP and EHLO/LHLO) when STARTTLS succeeds. In particular: STARTTLS MUST NOT be offered if a TLS session is active. And plaintext authentication mechanisms SHOULD NOT be offered (and MUST NOT be accepted) UNLESS a TLS session is active. TLS client authentication can also be used as an authentication mechanism - and for authorizing specific mechanisms, such as RELAY or ETRN service.
Per RFC 3207, once a TLS session is established, a client MUST discard all knowledge obtained from the SMTP/LMTP server and start again with the EHLO/LHLO sequence.
require_starttls = True is the recommended configuration for servers that offer the STARTTLS service and that require authentication for all transactions. This configuration minimizes the risk that a plaintext password is exposed or that e-mail can be redirected and/or captured by a host that impersonates a server. In this configuration, only the commands necessary for setting up a secure connection are permitted over an insecure connection.
require_starttls = False allows clients that cannot establish a TLS connection to submit mail to your server. Generally, your server should only accept local mail without authentication (open relays promote SPAM). The most common authentication methods use plaintext passwords; these MUST NOT be transmitted without an active TLS session.
Although TLS does encrypt e-mail between your server and its client, it does NOT provide end-to-end encryption of e-mail; in fact, if the client is a relay, e-mail is unlikely to be encrypted while in the relay's queue.
For end-to-end encryption, see S/MIME or PGP.
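Added illustration, not code from aiosmtpd or from the commenter: a small state model of the gating rules described in the comment above (commands refused with 530 before TLS when require_starttls is set, STARTTLS not advertised once TLS is active, plaintext AUTH mechanisms hidden and refused with 538 until TLS is up, and the client having to start over with EHLO after STARTTLS). The ALLOWED_BEFORE_TLS subset and the Session class are assumptions for this model, not aiosmtpd's implementation; the reply codes are the ones RFC 3207 and RFC 4954 define.

```python
# Assumed subset of verbs permitted before TLS when require_starttls is set.
ALLOWED_BEFORE_TLS = frozenset({"EHLO", "HELO", "NOOP", "QUIT", "STARTTLS"})
# Mechanisms that carry the password in the clear (base64 is not encryption).
PLAINTEXT_MECHS = frozenset({"PLAIN", "LOGIN"})


class Session:
    """Model of one SMTP session's TLS/auth gating; not a real server."""

    def __init__(self, tls_context, require_starttls, auth_mechs=("PLAIN", "LOGIN")):
        self.tls_context = tls_context      # an ssl.SSLContext, or None: no STARTTLS
        self.require_starttls = require_starttls
        self.auth_mechs = tuple(m.upper() for m in auth_mechs)
        self.tls_active = False
        self.greeted = False

    def ehlo_extensions(self):
        """Extension keywords the EHLO response should advertise right now."""
        self.greeted = True
        exts = ["8BITMIME"]
        if self.tls_context is not None and not self.tls_active:
            exts.append("STARTTLS")         # MUST NOT be offered once TLS is up
        offered = [m for m in self.auth_mechs
                   if self.tls_active or m not in PLAINTEXT_MECHS]
        if offered:
            exts.append("AUTH " + " ".join(offered))
        return exts

    def handle(self, verb, arg=""):
        """Reply code for a command in the current state (codes from RFC 3207/4954)."""
        verb = verb.upper()
        if verb == "STARTTLS":
            if self.tls_active:
                return 503                  # already using TLS: bad sequence
            if self.tls_context is None:
                return 454                  # TLS not available
            self.tls_active = True          # the TLS handshake would run here
            self.greeted = False            # client MUST start over with EHLO
            return 220
        if self.require_starttls and not self.tls_active and verb not in ALLOWED_BEFORE_TLS:
            return 530                      # Must issue a STARTTLS command first
        if verb in ("MAIL", "RCPT", "DATA", "AUTH") and not self.greeted:
            return 503                      # send EHLO first (again, after STARTTLS)
        if verb == "AUTH":
            if arg.upper() not in self.auth_mechs:
                return 504                  # unrecognised mechanism
            if arg.upper() in PLAINTEXT_MECHS and not self.tls_active:
                return 538                  # encryption required for this mechanism
            return 334                      # challenge/response exchange would follow
        return 250
```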