How do we use java mail API so that SMTP authentication is done only when needed. For example, if mail.smtp.auth property is set to true, authentication is done even when it is not required by the SMTP server.
我们如何使用java邮件API,以便仅在需要时才进行SMTP身份验证。例如,如果mail.smtp.auth属性设置为true,则即使SMTP服务器不需要,也会进行身份验证。
Do I need to first send mail without password, catch exception and based on exception send mail with password?
我是否需要首先发送没有密码的邮件,捕获异常并根据异常发送带密码的邮件?
2 个解决方案
#1
0
if mail.smtp.auth property is set to true, authentication is done even when it is not required by the SMTP server.
如果mail.smtp.auth属性设置为true,即使SMTP服务器不需要,也会进行身份验证。
It is rather hard to believe in the existence or utility of an SMTP server that doesn't require authentication.
很难相信不需要身份验证的SMTP服务器的存在或实用程序。
#2
0
Based on this:
基于此:
I don't have control implied that it is upto the user who use the software.
我没有控制权暗示使用该软件的用户是由我决定的。
The simple solution is to allow the user to turn on / off the use of the configured authentication details. There are a number of them, including some that enable / disable authentication.
简单的解决方案是允许用户打开/关闭使用配置的身份验证详细信息。其中有许多,包括一些启用/禁用身份验证。
Beyond that, you are out of luck. You will need to implement your own SMTP provider behavior, either by creating a subclass, or by starting from scratch. Alternatively, catch the exception and retry.
除此之外,你运气不好。您需要通过创建子类或从头开始实现自己的SMTP提供程序行为。或者,捕获异常并重试。
Your particular mode of operation is simply not supported.
您的特定操作模式根本不受支持。
For what it is worth, I think that the javamail implementors did the right thing in not supporting this use-case, whether or not they did it deliberately. It would encourage mail server implementors to be sloppy about security, and end users to play silly games with email spoofing.
对于它的价值,我认为javamail实现者在不支持这个用例时做了正确的事情,无论他们是否故意这样做。它会鼓励邮件服务器实现者对安全性大肆宣传,最终用户可以通过电子邮件欺骗来玩愚蠢的游戏。
#1
0
if mail.smtp.auth property is set to true, authentication is done even when it is not required by the SMTP server.
如果mail.smtp.auth属性设置为true,即使SMTP服务器不需要,也会进行身份验证。
It is rather hard to believe in the existence or utility of an SMTP server that doesn't require authentication.
很难相信不需要身份验证的SMTP服务器的存在或实用程序。
#2
0
Based on this:
基于此:
I don't have control implied that it is upto the user who use the software.
我没有控制权暗示使用该软件的用户是由我决定的。
The simple solution is to allow the user to turn on / off the use of the configured authentication details. There are a number of them, including some that enable / disable authentication.
简单的解决方案是允许用户打开/关闭使用配置的身份验证详细信息。其中有许多,包括一些启用/禁用身份验证。
Beyond that, you are out of luck. You will need to implement your own SMTP provider behavior, either by creating a subclass, or by starting from scratch. Alternatively, catch the exception and retry.
除此之外,你运气不好。您需要通过创建子类或从头开始实现自己的SMTP提供程序行为。或者,捕获异常并重试。
Your particular mode of operation is simply not supported.
您的特定操作模式根本不受支持。
For what it is worth, I think that the javamail implementors did the right thing in not supporting this use-case, whether or not they did it deliberately. It would encourage mail server implementors to be sloppy about security, and end users to play silly games with email spoofing.
对于它的价值,我认为javamail实现者在不支持这个用例时做了正确的事情,无论他们是否故意这样做。它会鼓励邮件服务器实现者对安全性大肆宣传,最终用户可以通过电子邮件欺骗来玩愚蠢的游戏。