Reputation: 7789
What are the Curl SMTP command line arguments to support GMail TLS/STARTTLS vs SSL
I am using Curl.exe in an application to send emails. I need to support most major email servers. GMail exposes the following ports and Authentication methods.
- TLS/STARTTLS (sometimes called Explicit TLS): uses port 587
- SSL (sometimes called Implicit TLS): uses port 465
I have gotten the Explicit TLS to work using the following command line:
C:\>curl smtp://smtp.gmail.com:587 -v --mail-from "[email protected]" --mail-rcpt
"[email protected]" --ssl -u [email protected]:password -T "c:\test.txt" -k --anyauth
I have tried the following to get ImplicitTLS to work, but it is not.
C:\>curl smtp://smtp.gmail.com:465 -v --mail-from "[email protected]" --mail-rcpt
"[email protected]" --ssl -u [email protected]:password -T "c:\test.txt" -k --anyauth
What are the proper command line parameters to get SSL/Implicit TLS to work?
Upvotes: 19
Views: 48421
Answers (4)
Reputation: 1761
You can test using this command:
curl -v --url "smtps://smtp.gmail.com:465" --ssl-reqd --mail-from "[email protected]" --user "[email protected]" --mail-rcpt "[email protected]"
You will have to create a new 16 digits password specific for this application and simply change the account password to this new secure app password. Now you can create one password for each app. It will keep your account password safe and manage app passwords separately.
Login to your account to create it: https://myaccount.google.com/apppasswords
You must enable the 2-Step Verification (https://myaccount.google.com/signinoptions/two-step-verification) to access this feature.
To help keep your account secure, from May 30, 2022, Google no longer supports the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password.
Upvotes: 2
Reputation: 2694
Your can try this..
curl --url "smtps://smtp.gmail.com:465" --ssl-reqd --mail-from "[email protected]" --mail-rcpt "[email protected]" --upload-file /var/scripts/mail.txt --user "[email protected]:senderGmailPassword"
Upvotes: 2
Reputation: 409
well i just tried the following and it works fine:
curl smtps://smtp.gmail.com:465 -v --mail-from "[email protected]" --mail-rcpt "[email protected]" --ssl -u [email protected]:password -T "test.txt" -k --anyauth
hope it helps!
Upvotes: 13
Reputation: 122719
Use smtps:// for SMTPS (i.e. SMTP on top of an existing SSL/TLS connection).
This works:
curl smtps://smtp.gmail.com:465 -v
I would also use --ssl-reqd for the explicit STARTTLS connection to make sure SSL/TLS is used when you expect it to be (downgrade attacks would be possible otherwise).
Don't use -k either, check the server certificate: see http://curl.haxx.se/docs/sslcerts.html
Upvotes: 21
Related Questions
- Mailkit SMTP - StartTLS & TLS flags
- Why does Send-MailMessage fail to send using STARTTLS over Port 587
- Using curl to send email
- TLS connection to smtp.gmail.com isn't working
- Connection with google mail using openssl s_client command
- Using SMTP, Gmail, and STARTTLS
- Send Email with STARTTLS
- openssl to negotiate SSL encryption for STARTTLS
- Is starttls+smtp the same with SMTP over SSL?
- About STARTTLS SMTP Command