0

I'm trying to study TCP and SMTP, so I'm trying to write a TCP REPL in Erlang.

I don't know much about SMTP (or TCP), I'm still studying so if I say something absurd about (or if I'm trying to do something absurd) I ask you sorry. For testing, I'm trying to connect to Gmail.

From the Gmail support page: https://support.google.com/mail/answer/7104828?hl=en

Outgoing Mail (SMTP) Server

  • smtp.gmail.com
  • Requires SSL: Yes
  • Requires TLS: Yes (if available)
  • Requires Authentication: Yes
  • Port for TLS/STARTTLS: 587

It's written that SSL is required, TLS is optional ("if available") and that the TLS port is 587.

From this answer, it's said that port 587 is initially unencrypted, so I tried to start a plain tcp communication: enter image description here

As you can see I start the communication and I receive a 220 response successfully, but when I try to answer it, the tcp connection hangs.

So, I thought that it might be hanging because although port 587 supposedly starts unencrypted, the support page says it requires SSL...

So I'm trying to use SSL/TSL with Erlang but I had not much success:

enter image description here

I'm trying to discover what this "unsupported_record_type" means but I still have no clue.

Let me show you the code, what I've tried so far:

print("Starting TCP Client~n", []),
  
ok = ssl:start(),
{ok, SSLSocket} = ssl:connect(AddressName, Port, [], infinity),
print("Connected to ~p:~p~n", [AddressName, Port]),

Since it failed, I tried to generate a ssl certification/key with the following: openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

Then I've tried the following connection (passing a TCP socket to upgrade):

{ok, TLSSocket} = ssl:connect(Socket, [{certfile, "cert.pem"}, {keyfile, "key.pem"}], infinity).

And also:

{ok, TLSSocket} = ssl:connect(AddressName, Port, [{certfile, "cert.pem"}, {keyfile, "key.pem"}], infinity).

But it generates the same error from the previous image.

  1. Is it possible to establish a SMTP connection to Gmail without SSL/TSL? With so, why it might be hanging?

Initially I thought that it might some kind of timeout because of the repl waiting for me to enter the next TCP message, but I've tried a direct reply without the REPL approach and it hanged as well.

  1. Why is this SSL connection failing? Did I generated the certification/key wrong? There is some easy way to establish this SSL connection?

Seems like that trying to use SSL is a recurrent problem for beginners.

jacksonbenete
  • 159
  • 1
  • 9
  • 1
    Are you actually sending `"helo\r"` to the server? It needs both the CR and the LF, so that should be `"helo\r\n"`. Also, when connecting to port 587, you need to send the `STARTTLS` command before starting the TLS negotiation. See [the example in the RFC](https://datatracker.ietf.org/doc/html/rfc3207#section-5). – legoscia Aug 23 '21 at 09:00
  • Thank you very much, you're right, the LF made it right. I still failing connecting via SSL or negotiating the TSL. But your help already made it way better. – jacksonbenete Aug 23 '21 at 20:21
  • As you mentioned port 587 is a plain TCP port. I think SMTP servers enforce upgrading to TLS after initial communication to ensure the connection security, so I think upgrading an existing TCP connection to TLS would work: https://erlang.org/doc/man/ssl.html#connect-2. This answer may be helpful https://stackoverflow.com/a/11049483/901161. – Ali Shirvani Sep 02 '21 at 06:07

0 Answers0