Dear Alpiners,

it is my pleasure to announce the release of version 2.24 of Alpine.
The full list of new features and bug fixes can be read from the Release
Notes, which can be reached from the Main Menu, by pressing the "R" key.

New features include the addition of XOAUTH2 support for Yahoo!,
automatic renew of the access token before it expires, and improvements to
the privacy of Alpine users.

When starting up alpine, you will be given a welcome screen whose
default command is to read the Apache License. The same welcome screen
contains a link to Alpine's privacy policy. If you wish to exit that
screen press "E".

The configure option --disable-debug has been redefined to only not
compile debug symbols into Alpine. This means that Alpine will still
compile internal debug messages, and so the journal screen will be
available for all users. The .pine-debug files will not be created automatically, unless Alpine is started with the "-d" option (e.g. a
command such as "alpine -d 2" or "alpine -d tcp")

Please test this release by yourself before putting it in a production environment.

All binaries and source code can be downloaded from the main web site
at http://alpine.x10host.com/

The following are the relevant links:

* Source code:
http://alpine.x10host.com/alpine/release/src/alpine-2.24.tar.xz
MD5: 1c520c3a791b019772570674c7c17073
SHA256: 651a9ffa0a29e2b646a0a6e0d5a2c8c50f27a07a26a61640b7c783d06d0abcef

* Windows 64 bits
http://alpine.x10host.com/alpine/release/src/alpine-2.24.zip
MD5: 619b5b46c5630591f184091a22011583)<BR>
SHA256: 055a137e9aaa2e046c98de5809cc0d87eea7fcdd7f78d23ae26e1c276ff4424c

* Windows 32 bits
http://alpine.x10host.com/alpine/release/src/alpine-2.24_32bits.zip
MD5: 83e6bf25e07c07cad8a5efea2ec2dca2
SHA256: e64840734747b340ecdd581964a51c36956ae9b69ea3f4025b28b3cacf87a603

Thank you.

--
Eduardo

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 10 Oct 2020 14:47:07 -0600, Eduardo Chappa wrote:

Dear Alpiners,

it is my pleasure to announce the release of version 2.24 of Alpine.

You're The Man, Eduardo!! Many thanks for all you do!!

Jonesy
Continuous pine/alpine since around 1994; OS/2, then linux, then FreeBSD
--
Marvin L Jones | Marvin | W3DHJ.net | linux
38.238N 104.547W | @ jonz.net | Jonesy | FreeBSD
* Killfiling google & XXXXbanter.com: jonz.net/ng.htm

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Le 10 octobre 2020, à 14:47, Eduardo Chappa a écrit :

New features include the addition of XOAUTH2 support for Yahoo!, automatic renew of the access token before it expires, and improvements to the privacy of Alpine users.

Hi Eduardo,


Many thanks! I've just compiled an all-patched Alpine 2.24 because Yahoo
is discontinuing the "less secure" authentication method... tomorrow. In .pinerc I see at the bottom:

# Your client-id and client-secret information to authenticate using XOAUTH2 xoauth2-info=

Do I have anything to do now to have Alpine use XOAUTH2 to connect to the
Yahoo servers (IMAP, and SMTP if applicable)?


Thanks again.
--
LL

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 19 Oct 2020, Lucas Levrel wrote:

Many thanks! I've just compiled an all-patched Alpine 2.24 because Yahoo
is discontinuing the "less secure" authentication method... tomorrow. In .pinerc I see at the bottom:

# Your client-id and client-secret information to authenticate using XOAUTH2 xoauth2-info=

Do I have anything to do now to have Alpine use XOAUTH2 to connect to
the Yahoo servers (IMAP, and SMTP if applicable)?

Dear Lucas,

I dcumented how to follow this process here

http://alpine.x10host.com/alpine/alpine-info/misc/xoauth2.html#SettingUpYahoo

in essence what you need is

a) a version of Alpine compiled with password file support
b) a password file
c) edit your piner, and add "/auth=xoauth2" to the definition of the yahoo
servers
d) Attempt to open your yahoo account and follow the authorization
procedure.

Let me know if you have any questions. I will be happy to help you.

--
Eduardo
https://tinyurl.com/yc377wlh (web)
http://repo.or.cz/alpine.git (Git)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Le 19 octobre 2020, à 19:26, Eduardo Chappa a écrit :

Dear Lucas,

I dcumented how to follow this process here

http://alpine.x10host.com/alpine/alpine-info/misc/xoauth2.html#SettingUpYahoo

in essence what you need is

a) a version of Alpine compiled with password file support
b) a password file
c) edit your piner, and add "/auth=xoauth2" to the definition of the yahoo
servers
d) Attempt to open your yahoo account and follow the authorization procedure.

Let me know if you have any questions. I will be happy to help you.

Thanks a lot Eduardo, it works like a charm! I'm really happy that Alpine
stays compatible with "modern" mail providers (irony included directed to
those providers :-) ).

Cheers,
Lucas

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Eduardo Chappa <chappa@washington.edu> wrote:

On Mon, 19 Oct 2020, Lucas Levrel wrote:

Many thanks! I've just compiled an all-patched Alpine 2.24 because Yahoo
is discontinuing the "less secure" authentication method... tomorrow. In >>.pinerc I see at the bottom:

# Your client-id and client-secret information to authenticate using XOAUTH2 >>xoauth2-info=

Do I have anything to do now to have Alpine use XOAUTH2 to connect to
the Yahoo servers (IMAP, and SMTP if applicable)?

Dear Lucas,

I dcumented how to follow this process here

http://alpine.x10host.com/alpine/alpine-info/misc/xoauth2.html#SettingUpYahoo

in essence what you need is

a) a version of Alpine compiled with password file support
b) a password file
c) edit your piner, and add "/auth=xoauth2" to the definition of the yhoo
servers
d) Attempt to open your yhoo account and follow the authorization
procedure.

Let me know if you have any questions. I will be happy to help you.

Thanks for the new version release of alpine, Eduardo.

I too can confirm that I was able to add xoauth2 support for a Yahoo
mail address I check with alpine. I also remembered to add it for the
Bulk Mail (spam) folder, and to the Role for SMTP support.
Interestingly, I didn't have to authenticate a second time in order to
send a test message with the Role, but I guess this doesn't affect
anything stored in the .passfile.

This isn't an alpine issue, but checking the Received headers for the interaction between the Yahoo Mail server and my local Mail server

(using TLSv1.2 with cipher (128/128 bits))
(No client certificate requested)

it's not clear to me whether Yahoo didn't request the certificate on my
end or my server didn't request Yahoo's certificate. Is a certificate
required to be requested at this point?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 18 Nov 2020, Adam H. Kerman wrote:

This isn't an alpine issue, but checking the Received headers for the interaction between the Yahoo Mail server and my local Mail server

(using TLSv1.2 with cipher (128/128 bits))
(No client certificate requested)

it's not clear to me whether Yahoo didn't request the certificate on my
end or my server didn't request Yahoo's certificate. Is a certificate required to be requested at this point?

My understanding is that this is an optional part of the ertification
process. A server can request a client to send a certificate, and is free
to do whatever it wants with the result of the validation of that
certificate (as in if the certificate is not sent or not valid, it can
either close of connection or continue it, just like clients do with
server certificates.)

I have never dealt with server that require certificates, so I do not have
use case for this.

--
Eduardo
https://tinyurl.com/yc377wlh (web)
http://repo.or.cz/alpine.git (Git)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Eduardo Chappa <chappa@washington.edu> wrote:

On Wed, 18 Nov 2020, Adam H. Kerman wrote:

This isn't an alpine issue, but checking the Received headers for the
interaction between the Yahoo Mail server and my local Mail server

(using TLSv1.2 with cipher (128/128 bits))
(No client certificate requested)

it's not clear to me whether Yahoo didn't request the certificate on my
end or my server didn't request Yahoo's certificate. Is a certificate
required to be requested at this point?

My understanding is that this is an optional part of the ertification >process. A server can request a client to send a certificate, and is free
to do whatever it wants with the result of the validation of that
certificate (as in if the certificate is not sent or not valid, it can
either close of connection or continue it, just like clients do with
server certificates.)

I have never dealt with server that require certificates, so I do not have >use case for this.

Thanks. I was wondering.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Dear Eduardo,

Am 10.10.2020 um 22:47 schrieb Eduardo Chappa:

Dear Alpiners,

it is my pleasure to announce the release of version 2.24 of Alpine.
The full list of new features and bug fixes can be read from the Release Notes, which can be reached from the Main Menu, by pressing the "R" key.

Thank you very much!

I installed the new version on 2 PCs with Windows 7 and 2 PCs with
Windows 10. One of the Windows 10 installations was almost clean. There
I had to install the Visual C++ Redistributable 2015 because of a
missing DLL.

One question: In which cases is the certs directory needed? For me it
seems to work without it.

Holger

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)