[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [msmtp-users] Proxy support patch
On Fri, Oct 03, 2014 at 04:03:30PM -0400, grarpamp wrote:
> On Fri, Oct 3, 2014 at 1:23 PM, CustaiCo <custaico@...373...> wrote:
> > I've written an patch that allows msmtp to use a socks
>
> Good to see someone working on this.
>
> Is it necessary to invoke new dependencies on third party libraries?
> Especially one that hasn't been maintained since 2005?
> What about simply including socks5 in msmtp directly?
>
> You could borrow a socks5 + IPv6 implementation from...
>
> A tool with 3-clause BSD license:
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/nc/
>
> A tool with GPL + restrictions, has some win/mac code:
> https://svn.nmap.org/nmap/ncat/
>
> Other tools:
> http://www.dest-unreach.org/socat/
> http://www.privoxy.org/
>
> http://en.wikipedia.org/wiki/SOCKS
>
nc and ncat and all those are great tools, if your application supports
getting the information from standard in/out. I was unable to find a
smpt client that did that. I honestly statically linked the antinat code
in rather than installing it as a shared library. It's under the GPL2
license, which is a bit more permissive than the GPL3 that msmtp is
distributed under. To just yank in somebody's code and bloat the code
base with a bunch of proxy code seems pretty pointless.
> > It does support tls, but only using gnutls.
> Is anyone actually using TLS/GSSAPI in the socks5 client-server path?
http://lelantoss7bcnwbv.onion/help.html
That hidden service *requires* you to use tls. Yes, it is stupid. There
are many others like it. If it wasn't something that some services
needed, I would not have bothered with getting the tls working.
> The patch has dos CRLF instead of unix CR at line end.
It doesn't when I check it in my outbox or when I download it from the
web archive and check it with file. Perhaps it's a problem with the
list?
> Replied because socks5 + IPv6 in msmtp (and even mpop) would be
> cool and I think this might be the first work towards that :)
>
> I'm sure there are lots of users who will point it directly at Tor
> 127.0.0.1:9050 so they can reach submission STARTTLS 587 on the
> other side. Same for I2P. And their respective hidden services.
>
> Another code reference...
> https://gitweb.torproject.org/torsocks.git
torsocks and proxychains are exactly the type of thing I was trying to
avoid. It's a nasty hack of LD_PRELOAD that fails many times when you
want it to work. I have a few applications that are using it due to
lack of any alternative, but I would like to avoid it if possible.
Plus, a lazy I2P user would just use susimail anyway. :P
It's a rough and unpolished patch. I am fully aware of that. I just
think that even as it is it's better than the alternatives.
CustaiCo