mail-notification lost its ssl/tls ability

As per bug #44335, it seems that ssl/tls has been disabled for a long time in mail-notification/{ubuntu,debian} . Are you sure you didn't install it from a third-party repository?
Cheers

I haven't installed from third party - but I can't say if I didn't do something on my own on this very computer... I know I fideled with mail-notification, sometime someplace....

AFAICS someone suggests to try "feisty" in bug #44335, so it might be that it has been fixed from dapper to feisty, but reverted from feisty to gutsy?

but as I already said and someone in the mentioned bug tells with more direct but true words - mail-notification is next to useless without TLS/SSL support, it might even considered a security risk to use it, as it enforces the user to send clear-text passwords and it is the only gnome tool I know of and is shipped by default with ubuntu desktop installation.

Dear folks

I just verified on a feisty installation.

feisty does support SSL/TLS! Thus, the new binary in gutsy will break functionalty and will send passwords in clear text.

regards
Philipp

Same problem for me with my yahoo account.
It worked in feisty but the support for SSL/TLS seems to have been disable in Gutsy compilation of mail-notification (with the autodetect authentication).

Hello,
As per the BTS and the bug 44355, mail-notification never had ssl support in ubuntu, nor in debian.
In order to make sure that it uses ssl, can you please paste here the result of the following commands:

apt-cache policy mail-notification
objdump -p /usr/bin/mail-notification | grep NEEDED | grep -E '(ssl|tls)' ?

Thanks

$ apt-cache policy mail-notification
mail-notification:
  Installed: 4.1.dfsg.1-2ubuntu1
  Candidate: 4.1.dfsg.1-2ubuntu1
  Version table:
 *** 4.1.dfsg.1-2ubuntu1 0
        500 http://archive.ubuntu.com gutsy/universe Packages
        100 /var/lib/dpkg/status

$ objdump -p /usr/bin/mail-notification | grep NEEDED | grep -E '(ssl|tls)'
=> nothing found

I checked my yahoo account configuration on mail-notification.
In the connection tab, the authentication mecanism was "Autodetect" but no radio button for connection type was selected. I selected "standard" (the only option, the others are greyed) and the status message from my yahoo account change to "Authentication failed" in place of the message saying that mail-notification need to be compiling with the SSL/TLS option.

By the way, I have several account and the only one who works perfectly is the gmail one. The yahoo account never worked with feisty and my IMAP account from laposte.net give me an "Unreconized command" like in feisty (it has worked - and still worked with thunderbird - but I think the provider changes something that's not compatible with the IMAP support of mail-notification).

Thanks

I meant, can you run those commands on the feisty box where you have mail-notification installed, as actually - we know there's no tls nor ssl in gutsy, the needed information is about the feisty package :)
cheers

I'm sorry, but I don't have festy anymore...

apt-cache policy mail-notification
mail-notification:
  Installed: 4.0~rc2.dfsg.1-4build1
  Candidate: 4.0~rc2.dfsg.1-4build1
  Version table:
 *** 4.0~rc2.dfsg.1-4build1 0
        500 http://ch.archive.ubuntu.com feisty/universe Packages
        100 /var/lib/dpkg/status

The "grep" does not show anything, but attached you'll find a screeny of the settings, there you see that ssl/tls is selectable and if I do so mail-notiications shows up what' in my mailbox.

The fact that grep returns nothing shows that mail-notification was not compiled
with ssl support. The ssl option not being greyed out is likely a bug in the
program. (when compiled with --enable-ssl, mail-notification is linked against
libssl directly. In feisty this is not the case, and the program has no ssl nor
tls support. really)

On Mon, Oct 08, 2007 at 10:34:04AM -0000, Phoenix wrote :
> apt-cache policy mail-notification
> mail-notification:
> Installed: 4.0~rc2.dfsg.1-4build1
> Candidate: 4.0~rc2.dfsg.1-4build1
> Version table:
> *** 4.0~rc2.dfsg.1-4build1 0
> 500 http://ch.archive.ubuntu.com feisty/universe Packages
> 100 /var/lib/dpkg/status
>
>
> The "grep" does not show anything, but attached you'll find a screeny of the settings, there you see that ssl/tls is selectable and if I do so mail-notiications shows up what' in my mailbox.
>
>
> ** Attachment added: "mail notifications ssl screeny"
> http://launchpadlibrarian.net/9868487/mail-notification.png
>
> --
> mail-notification lost its ssl/tls ability
> https://bugs.launchpad.net/bugs/132947
> You received this bug notification because you are a direct subscriber
> of the bug.

--
Albin Tonnerre, aka Lutin
 - Search a little longer, travel a little further

I can confirm this. TLS/SSL works fine in Feisty and is grayed out in Gutsy.

There's been a patch on the BTS and upstream to fix a ratherwwrong behavior,
which was to default to sending passwords in cleartext when ssl was not
enabled. The patch was added in debian version 4.0.dfsg.1-2, ie after
feisty was released. That could explain why it's not greyed out. But the
fact that it's not greyed out does not mean that it does work.
You can easily see if the ssl functionnality is enabled by trying the
commands I gave above, but you'll find out that it's actually disabled

Cheers

On 10/21/07, unggnu <email address hidden> wrote:
>
> I can confirm this. TLS/SSL works fine in Feisty and is grayed out in
> Gutsy.
>
> --
> mail-notification lost its ssl/tls ability
> https://bugs.launchpad.net/bugs/132947
> You received this bug notification because you are a direct subscriber
> of the bug.
>

Ok, you are possible right and my post was mistakable . I have choosen TLS but never got it to work so I choose unencrypted but I thought this was an port issue.

i can confirm that on gutsy it's disabled (grayed-out).

is there a patch to enable tls/ssl encryption with mail-notification?

I have feisty on one PC and just upgraded to gutsy in the other. On feisty I can access with mail-notified my SSL/TLS IMAP mailbox; see the screenshot of the configuration attached. In gutsy it is grayed out.
I can recompile mail-notifier, no problem, but it's quite surprising...

The output of the commands sugegsted in feisty are:

(0)pern:~% apt-cache policy mail-notification
mail-notification:
  Installed: 4.0.dfsg.1-1ubuntu1~feisty1
  Candidate: 4.0.dfsg.1-1ubuntu1~feisty1
  Version table:
 *** 4.0.dfsg.1-1ubuntu1~feisty1 0
        500 http://archive.ubuntu.com feisty-backports/universe Packages
        100 /var/lib/dpkg/status
     4.0~rc2.dfsg.1-4build1 0
        500 http://archive.ubuntu.com feisty/universe Packages
(0)pern:~% objdump -p /usr/bin/mail-notification | grep NEEDED | grep -E '(ssl|tls)'
(1)pern:~%

I'll mark this a duplicate of bug #44335 as it's about the same issue. Currently ssl/tls cannot be enabled due to licensing issues.

SSL/TLS can in fact be enabled for mail-notification 5.4.

The trick is you have to download and compile the source manually. If you do that, SSL should be enabled by default - you shouldn't need any special config parameters.

Download the source code for v5.4:
http://savannah.nongnu.org/download/mailnotify/mail-notification-5.4.tar.bz2

Once downloaded, extract it. For our purposes, let's say we're extracting to $HOME/.sourcecode/

Compile the source code:
- in a terminal window, type the following lines:

cd $HOME/.sourcecode/mail-notification-5.4
./configure
make
sudo make install

That should get 'er goin' with SSL support. (At least, it worked for me and I'm running Hardy Heron, 8.04, so it should work the same for Gutsy.)

On Wed, Aug 6, 2008 at 2:11 PM, l33ting disorder <email address hidden> wrote:
> *** This bug is a duplicate of bug 44335 ***
> https://bugs.launchpad.net/bugs/44335
>
> SSL/TLS can in fact be enabled for mail-notification 5.4.
>
> The trick is you have to download and compile the source manually. If
> you do that, SSL should be enabled by default - you shouldn't need any
> special config parameters.
>
>
> Download the source code for v5.4:
> http://savannah.nongnu.org/download/mailnotify/mail-notification-5.4.tar.bz2
>
> Once downloaded, extract it. For our purposes, let's say we're
> extracting to $HOME/.sourcecode/
>
> Compile the source code:
> - in a terminal window, type the following lines:
>
> cd $HOME/.sourcecode/mail-notification-5.4
> ./configure
> make
> sudo make install
>
> That should get 'er goin' with SSL support. (At least, it worked for me
> and I'm running Hardy Heron, 8.04, so it should work the same for
> Gutsy.)

You can also create your own package with SSL enabled.
1) Get the source files and packaging files: apt-get source mail-notification
2) Remove --disable-ssl (4.x) or ssl=no (>= 5.4) from debian/rules
3) Create a new entry in the changelog to avoid confusion e.g. 5.4.dfsg.1-1.1
4) Rebuild a package: debuild -B

Note that Debian repositories now have mn-5.4.

Cheers,

-Pascal
--
Homepage (http://organact.mine.nu)
Debian GNU/Linux (http://www.debian.org)
LACIME: École de technologie supérieure (http://lacime.etsmtl.ca)