No TLS/SSL cert validation #251
Comments
Absolutely right, none of this stuff is being done securely yet. Thanks for opening an issue to track this so it doesn't get forgotten.
You are welcome! :) Feel free to contact me if you need advice or assistance. I'm one of the maintainers of Python's ssl module and I'm working on improving the CA cert situation of Python.
@BjarniRunar: Thanks for making mailpile. From its goals, it looks like it will really be able to make email a lot easier and more secure for non-techy people. However, I think this issue needs more attention! From what you said, without checking certificates it is possible to do a man-in-the-middle attack and steal the user's e-mail credentials, read all the user's (non-encrypted) mail, even lots of metadata of encrypted mail, send e-mails in the user's name, delete the user's mails from the server and so on! This is a security hole I would really not expect as a user from a client focused on privacy and encryption. So please fix this with high priority and - in the meantime - add a big message in the UI where you type in the credentials, saying that TLS certificates do not get checked at all (and a link to this github issue preferably). I think this is important enough that you should make a new release which just includes that message as soon as possible.
What's the state of this bug? The issue is still open but the commit messages referring to it claim to have it solved. @BjarniRunar
@mekeor - The PR is just sort of sitting there in case someone wants to review it. The review window has timed out; next time I find time to do some Mailpile work I'll fix a minor documentation buglet and merge.
You are using SMTP_SSL and IMAP4_SSL without an SSL context object or a certfile. Python's ssl library doesn't validate the certificate chain unless you explicitly configure a context or certfile.