Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net/smtp: can not use PlainAuth without call to StartTLS #3609

Closed
gopherbot opened this issue May 10, 2012 · 2 comments
Closed

net/smtp: can not use PlainAuth without call to StartTLS #3609

gopherbot opened this issue May 10, 2012 · 2 comments
Labels
FrozenDueToAge

Comments

@gopherbot
Copy link

by linuxhacker100:

In the smtp package it is impossible to use plain authentication without calling
StartTLS. This even happens when you manually make the client with a tls.Conn. There are
times when you want to force plain auth even if the client does not know encryption is
in use. There could be a VPN or the underlying connection may be encrypted or local.
@rsc
Copy link
Contributor

rsc commented May 10, 2012

Comment 1:

I think the benefits of making sure people don't send passwords in
clear text over networks accidentally outweigh the inconvenience of
not being able to use PlainAuth when you do intend to send a password
over a network in clear text.
PlainAuth is just a helper and does not do anything that requires help
from net/smtp.  I would suggest to copy the PlainAuth implementation
into your own package and delete the lines that require TLS.  It's
under 20 lines of code.

Status changed to WorkingAsIntended.

@gopherbot
Copy link
Author

Comment 2 by linuxhacker100:

I ended up just using StartTLS (instead of TLS.Conn). However, it would be nice if there
was a way to override the default.
Yes, copying the code is probably what I would do if StartTLS was not an option.

@golang golang locked and limited conversation to collaborators Jun 24, 2016
This issue was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rsc @gopherbot