1. Forum
  2. Usenet
  3. COMP.LANG.ADA

  • AWS.SMTP.Client secure mode

    From philip.munts@gmail.com@21:1/5 to All on Sat Sep 4 20:20:39 2021
    The recent thread about sending email with AWS.SMTP.Client reminded me I need to finish working on a package I wrote a while ago that uses AWS.SMTP.Client. I have just been passing Server_Name => "localhost", Port => 25, and Secure => False to AWS.SMTP.
    Client.Initialize, to use a local mail relay, and that has worked fine.

    I'm now trying to get secure communication to my email account mailserver working (SSL on port 465). Something deep in the bowels of AWS wants cert.pem to exist in the directory I run my program from, but it doesn't seem to be the cert.pem I retrieved
    from the mail server with openssl.

    My program dies with:

    raised AWS.SMTP.SERVER_ERROR : raised AWS.NET.SOCKET_ERROR : The requested data were not available.

    immediately after reading the cert.pem file I fetched with openssl.

    Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?Q?Bj=c3=b6rn_Lundin?=@21:1/5 to All on Mon Sep 6 11:26:27 2021
    Den 2021-09-05 kl. 05:20, skrev philip...@gmail.com:


    Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?


    Yes.
    I use Amazon as mailer - like this. Shortened version so it might not
    compile. I think you need the Ada.Directories.Set_Directory statement
    just as I need it.

    in the directory I set , I have the cert.pem I'd like to use


    procedure Mail_Saldo is
    Subject : constant String := "Some Subject";
    use AWS;
    SMTP_Server_Name : constant String := "email-smtp.eu-north-1.amazonaws.com";
    Status : SMTP.Status;
    begin
    Ada.Directories.Set_Directory(/where/is/my/cet/sslcert");
    declare
    Auth : aliased constant SMTP.Authentication.Plain.Credential :=
    SMTP.Authentication.Plain.Initialize ("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");


    SMTP_Server : SMTP.Receiver := SMTP.Client.Initialize
    (SMTP_Server_Name,
    Port => 465,
    Secure => True,
    Credential => Auth'Unchecked_Access);
    use Ada.Characters.Latin_1;
    Msg : constant String := "Some MEssage";

    Receivers : constant SMTP.Recipients := (
    SMTP.E_Mail("A Mail Address",
    "a.mail.address@gmail.com"),
    -- SMTP.E_Mail("Another Mail Addresss", "another.mail.address@gmail.co"));
    begin
    SMTP.Client.Send(Server => SMTP_Server,
    From => SMTP.E_Mail ("A sender", "Sender@gmail.com"),
    To => Receivers,
    Subject => Subject,
    Message => Msg,
    Status => Status);
    end;
    if not SMTP.Is_Ok (Status) then
    Log (Me & "Mail_Saldo", "Can't send message: " &
    SMTP.Status_Message (Status));
    end if;
    end Mail_Saldo;

    ---------------------------------




    cert.pem looks like

    sslcert $ cat cert.pem
    -----BEGIN RSA PRIVATE KEY-----
    ....
    -----END RSA PRIVATE KEY-----
    -----BEGIN CERTIFICATE-----
    ...........
    -----END CERTIFICATE-----


    --
    Björn

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From philip.munts@gmail.com@21:1/5 to All on Mon Sep 6 19:20:27 2021
    On Monday, September 6, 2021 at 2:26:30 AM UTC-7, björn lundin wrote:
    Den 2021-09-05 kl. 05:20, skrev philip...@gmail.com:


    Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?

    Yes.
    I use Amazon as mailer - like this. Shortened version so it might not compile. I think you need the Ada.Directories.Set_Directory statement
    just as I need it.

    in the directory I set , I have the cert.pem I'd like to use

    Is cert.pem a client certificate that will be passed to the server, or is it a server certificate the client uses to validate the server?

    As far as I know, none of the mail servers I am dealing with have any mechanism to register client certificates.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?Q?Bj=c3=b6rn_Lundin?=@21:1/5 to All on Tue Sep 7 08:21:56 2021
    Den 2021-09-07 kl. 04:20, skrev philip...@gmail.com:
    On Monday, September 6, 2021 at 2:26:30 AM UTC-7, björn lundin wrote:
    Den 2021-09-05 kl. 05:20, skrev philip...@gmail.com:


    Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?

    Yes.
    I use Amazon as mailer - like this. Shortened version so it might not
    compile. I think you need the Ada.Directories.Set_Directory statement
    just as I need it.

    in the directory I set , I have the cert.pem I'd like to use

    Is cert.pem a client certificate that will be passed to the server, or is it a server certificate the client uses to validate the server?




    Actually - lookin closer - it is the cert.pem that was distributed with
    AWS 1.2.
    That is longtime ago...

    Obviously Amazon does not care. Auth is then via the lines
    Auth : aliased constant SMTP.Authentication.Plain.Credential :=
    SMTP.Authentication.Plain.Initialize ("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");


    I could not find it on github now - so I mailed you the one I got


    --
    Björn

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From philip.munts@gmail.com@21:1/5 to All on Tue Sep 7 13:40:02 2021
    Obviously Amazon does not care. Auth is then via the lines
    Auth : aliased constant SMTP.Authentication.Plain.Credential := SMTP.Authentication.Plain.Initialize
    ("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");
    I could not find it on github now - so I mailed you the one I got

    OK, so your cert.pem works with my email provider. But I don't understand why it works, epecially since your certificate appears to have expired almost 13 years ago.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)