What's wrong with my Python attempt at sending mail via SMTP through Gmail? The SSL wrapper doesn't seem to work

Question

I have the following pretty simple Python code, derived from here:

import ssl
import base64
from socket import *

cc = socket(AF_INET, SOCK_STREAM)
cc.connect(("smtp.gmail.com", 587))

cc.send('helo tester.com\r\n')
cc.send('starttls\r\n')

scc = ssl.wrap_socket(cc, ssl_version=ssl.PROTOCOL_SSLv23)
scc.send('AUTH LOGIN\r\n')

scc.send(base64.b64encode('myBase64EncodedUsernameAndPassword==')+'\r\n')
scc.send

However upon running it I get:

Traceback (most recent call last):
  File "Untitled 2.py", line 16, in <module>
    scc = ssl.wrap_socket(cc, ssl_version=ssl.PROTOCOL_SSLv23)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 387, in wrap_socket
    ciphers=ciphers)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 143, in __init__
    self.do_handshake()
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 305, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [Errno 1] _ssl.c:507: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

What am I doing wrong?

Answer 1

You blindly send data to the server without making any attempts to read and check the answer from the server. But this is required, because only after a successful response to the STARTTLS command you can upgrade the socket to SSL.

Since you don't read the responses from the server and try to upgrade the socket blindly to SSL it will start the SSL handshake by sending the ClientHello but then croak with unknown protocol because instead of reading the ServerHello it will read the plain text data from the server which you were supposed to read earlier.

For details on how to correctly handle SMTP see the standard, that is RFC 5321 and RFC 3207.