authorMark Sapiro <mark@msapiro.net>2016-05-06 14:44:28 -0700
committerMark Sapiro <mark@msapiro.net>2016-05-06 14:44:28 -0700
commitd2145608089777cd27175763cf9f71ca2a3159f5 (patch)
tree2a785262135176b828953b0c85dd6196a6a73bf9
parent6a615a1e6c6b3b03c3d8e334e6b097f29c9c975a (diff)
Implement SASL and STARTTLS in SMTPDirect.py.
-rwxr-xr-xMailman/Defaults.py.in16
-rw-r--r--Mailman/Handlers/SMTPDirect.py30
-rw-r--r--NEWS5
3 files changed, 51 insertions, 0 deletions
diff --git a/Mailman/Defaults.py.in b/Mailman/Defaults.py.in
index a71875ac..3569cc07 100755
--- a/Mailman/Defaults.py.in
+++ b/Mailman/Defaults.py.in
@@ -562,6 +562,22 @@ SMTPPORT = 0 # default from smtplib
# when DELIVERY_MODULE is 'Sendmail'.
SENDMAIL_CMD = '/usr/lib/sendmail'
+# SMTP authentication for DELIVERY_MODULE = 'SMTPDirect'. To enable SASL
+# authentication for SMTPDirect, set SMTP_AUTH = Yes and provide appropriate
+# settings for SMTP_USER and SMTP_PASSWD.
+SMTP_AUTH = No
+SMTP_USER = ''
+SMTP_PASSWD = ''
+
+# If using SASL authentication (SMTP_AUTH = Yes), set the following to Yes
+# to also use TLS. This has no effect if SMTP_AUTH = No.
+SMTP_USE_TLS = No
+
+# When using TLS the following should be set to the hostname that should be
+# used in order to identify Mailman to the SMTP server. By default, it
+# uses DEFAULT_URL_HOST. Normally, you should not change this.
+SMTP_HELO_HOST = DEFAULT_URL_HOST
+
# Set these variables if you need to authenticate to your NNTP server for
# Usenet posting or reading. If no authentication is necessary, specify None
# for both variables.
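Review bot: The comments for SMTP_AUTH and SMTP_USE_TLS do not warn that enabling authentication while leaving SMTP_USE_TLS = No can put SMTP_PASSWD on the wire unprotected, depending on which SASL mechanism the server offers. I would add a line after the SMTP_AUTH comment such as `# Unless SMTPHOST is reached over a trusted path, also set SMTP_USE_TLS = Yes so that SMTP_PASSWD is not sent unencrypted.` It is also worth saying that the password is kept in clear text in mm_cfg.py, so that file should not be world-readable. Because TLS is documented as having no effect when SMTP_AUTH = No, a comment noting that unauthenticated delivery is never encrypted by this setting would save an administrator from assuming otherwise.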
diff --git a/Mailman/Handlers/SMTPDirect.py b/Mailman/Handlers/SMTPDirect.py
index 32b03423..3b489c2f 100644
--- a/Mailman/Handlers/SMTPDirect.py
+++ b/Mailman/Handlers/SMTPDirect.py
@@ -63,6 +63,36 @@ class Connection:
self.__conn = smtplib.SMTP()
self.__conn.set_debuglevel(mm_cfg.SMTPLIB_DEBUG_LEVEL)
self.__conn.connect(mm_cfg.SMTPHOST, mm_cfg.SMTPPORT)
+ if mm_cfg.SMTP_AUTH:
+ if mm_cfg.SMTP_USE_TLS:
+ try:
+ self.__conn.starttls()
+ except SMTPException, e:
+ syslog('smtp-failure', 'SMTP TLS error: %s', e)
+ self.quit()
+ raise
+ try:
+ self.__conn.ehlo(mm_cfg.SMTP_HELO_HOST)
+ except SMTPException, e:
+ syslog('smtp-failure', 'SMTP EHLO error: %s', e)
+ self.quit()
+ raise
+ try:
+ self.__conn.login(mm_cfg.SMTP_USER, mm_cfg.SMTP_PASSWD)
+ except smtplib.SMTPHeloError, e:
+ syslog('smtp-failure', 'SMTP HELO error: %s', e)
+ self.quit()
+ raise
+ except smtplib.SMTPAuthenticationError, e:
+ syslog('smtp-failure', 'SMTP AUTH error: %s', e)
+ self.quit()
+ raise
+ except smtplib.SMTPException, e:
+ syslog('smtp-failure',
+ 'SMTP - no suitable authentication method found: %s', e)
+ self.quit()
+ raise
+
self.__numsessions = mm_cfg.SMTP_MAX_SESSIONS_PER_CONNECTION
def sendmail(self, envsender, recips, msgtext):
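Review bot: The handlers around `starttls()` and `ehlo()` catch a bare `SMTPException`, while the `login()` handlers below use `smtplib.SMTPException`. Unless that name is imported separately outside this hunk, a TLS or EHLO failure would raise a NameError and skip both the syslog entry and `self.quit()`. Both clauses should read `except smtplib.SMTPException, e:`. Separately, `starttls()` is called with no arguments and its return value is ignored; as far as I know the Python 2 smtplib does not verify the server certificate in that form. It is worth confirming that the smtplib in use raises on a refused STARTTLS rather than returning the reply, since otherwise `login()` could proceed on an unencrypted session. The enclosing method begins above the hunk.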
diff --git a/NEWS b/NEWS
index e9939cde..c6660b9f 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,11 @@ Here is a history of user visible changes to Mailman.
New Features
+ - SMTPDirect.py can now do SASL authentication and STARTTLS security when
+ connecting to the outgoiung MTA. Associated with this are new
+ Defaults.py/mm_cfg.py settings SMTP_AUTH, SMTP_USER, SMTP_PASSWD and
+ SMTP_USE_TLS. (LP: #558281)
+
- There is a new Defaults.py/mm_cfg.py setting SMTPLIB_DEBUG_LEVEL which
can be set to 1 to enable verbose smtplib debugging to Mailman's error
log to help with debugging 'low level smtp failures'. (LP: # 1573074)