SecureSockets

Andrew: I said “major”, and this is almost certainly correct. Telekom/T-Online, United Internet (1&1, web.de, GMX), Freenet.de all insist on the only remaining secure transport and have disallowed insecure encryption for some time now. I guess these providers together have at least 90% market share wrt email. Both major hosting providers (1&1 and Strato) are strongly discouraging insecure mail access, but still allow backward compatible access for legacy customers.

Anyway, this is am academic discussion. Nobody wants insecure communication, and at the moment it is very complicated to set up RISC OS to only use secure communication. Does Hermes/NetFetch still use SecureSockets? What does Messenger Pro IMAP use?

I hear you Steffen, but I have had reports of users running with German ISPs (I don’t know which), via SSL/TLS via our software. Note that TLS was added in a late release of v3.5 (3.67 I think) for a German user. I don’t have accounts with said ISPs, and you don’t have current Hermes/SecureSockets, so let’s leave it there for now.

We both agree SecureSockets needs an update, I just don’t think the situation is quite as dire as you do, based on my experiences using SSL/TLS via SecureSockets recently. That’s why I released the source code last year!

I use the SecureG (?) to fetch my mails from my t-online account (securepop). But send mails is a problem because attachments > 64MB are destroyed. Not sure what the reason is but I have the same problem with the !POPStar based secure fetcher !POP3S and !SMTPS. A library problem?
The released source code is a bit unsorted, I mean. As I remember one of the GAG User has not success with this.