
What are the Curl SMTP command line arguments to support GMail TLS/STARTTLS vs SSL

I am using Curl.exe in an application to send emails. I need to support most major email servers. GMail exposes the following ports and Authentication methods.

  • TLS/STARTTLS (sometimes called Explicit TLS): uses port 587
  • SSL (sometimes called Implicit TLS): uses port 465

I have gotten the Explicit TLS to work using the following command line:

C:\>curl smtp://smtp.gmail.com:587 -v --mail-from "[email protected]" --mail-rcpt "[email protected]" --ssl -u [email protected]:password -T "c:\test.txt" -k --anyauth

I have tried the following to get Implicit TLS to work, but it does not work.

C:\>curl smtp://smtp.gmail.com:465 -v --mail-from "[email protected]" --mail-rcpt "[email protected]" --ssl -u [email protected]:password -T "c:\test.txt" -k --anyauth

What are the proper command line parameters to get SSL/Implicit TLS to work?

Kevin Westwood asked May 09 '12 19:05



1 Answer

Use smtps:// for SMTPS (i.e. SMTP on top of an existing SSL/TLS connection).

This works:

curl smtps://smtp.gmail.com:465 -v

I would also use --ssl-reqd for the explicit STARTTLS connection to make sure SSL/TLS is used when you expect it to be (downgrade attacks would be possible otherwise).

Don't use -k either, check the server certificate: see http://curl.haxx.se/docs/sslcerts.html

Bruno answered Oct 19 '22 22:10
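
Added example, not part of the original answer: a POSIX shell check that flags the three problems raised above in a curl SMTP argument list (-k, --ssl instead of --ssl-reqd, and smtp:// pointed at port 465). The function name lint_curl_smtp, the finding labels and the example.com addresses are assumptions made for this illustration.

```sh
#!/bin/sh
# Added example (not from the original post): lint a curl SMTP argument list
# for the problems the answer names. One finding per line; status 1 if any.
# Only the exact spellings -k / --insecure are recognised (no clustered flags).
lint_curl_smtp() {
    url="" insecure=0 ssl_try=0 ssl_reqd=0 found=0
    for arg in "$@"; do
        case "$arg" in
            smtp://*|smtps://*) url=$arg ;;
            -k|--insecure)      insecure=1 ;;
            --ssl)              ssl_try=1 ;;
            --ssl-reqd)         ssl_reqd=1 ;;
        esac
    done
    if [ -z "$url" ]; then
        echo "no-url: no smtp:// or smtps:// URL in arguments"
        return 1
    fi
    scheme=${url%%://*}
    hostport=${url#*://}
    hostport=${hostport%%/*}
    case "$hostport" in
        *:*) port=${hostport##*:} ;;
        *)   port="" ;;
    esac
    if [ "$insecure" -eq 1 ]; then
        echo "cert-check-disabled: -k/--insecure accepts any server certificate"
        found=1
    fi
    if [ "$scheme" = smtp ]; then
        if [ "$port" = 465 ]; then
            echo "scheme-port-mismatch: port 465 is implicit TLS, use smtps://"
            found=1
        elif [ "$ssl_reqd" -eq 0 ] && [ "$ssl_try" -eq 1 ]; then
            echo "starttls-optional: --ssl falls back to cleartext, use --ssl-reqd"
            found=1
        elif [ "$ssl_reqd" -eq 0 ]; then
            echo "no-tls: smtp:// without --ssl-reqd does not require TLS"
            found=1
        fi
    fi
    return "$found"
}

# Constructed sample: the question's port 587 command with placeholder addresses.
lint_curl_smtp smtp://smtp.gmail.com:587 --mail-from sender@example.com \
    --mail-rcpt rcpt@example.com --ssl -u user:password -T test.txt -k || true
```

Run against the question's port 465 command, the same check reports the smtp:// and port mismatch; smtps://smtp.gmail.com:465 and smtp://smtp.gmail.com:587 with --ssl-reqd both pass with no findings.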