💾 Archived View for bbs.geminispace.org › s › misfin › 5546 captured on 2023-12-28 at 17:24:05. Gemini links have been rewritten to link to archived content

-=-=-=-=-=-=-

I tried to send a message to rfc@misfin.org with the python client but it blocks when trying to connect.

Posted in: s/misfin

😺 gemalaya

Sep 25 · 3 months ago

23 Comments ↓

🚀 clseibold · Sep 25 at 21:01:

You can try my misfin mail address: clseibold@auragem.letz.dev , or alexlehm's address (alexlehm@gemini.lehmann.cx). I'm not sure if I did the port-forwarding on my correctly, so it would be cool if someone could test sending to mine to see if it works.

I think lem's server is down atm or something, because my client also couldn't connect to theirs.

🚀 clseibold · Sep 25 at 21:07:

Do you have the server side running? I could try to send a message to you as well.

😺 gemalaya · Sep 25 at 21:12:

@clseibold Thanks. Just did another try with your address, using this command.

python -m transponder.debug send-as bee_hive.pem clseibold@auragem.letz.dev "Misfin test"

Did you receive it? The command never returns, and when I do ctrl+c the traceback shows it was doing the SSL socket connection. I'll look at the code ...

😺 gemalaya · Sep 25 at 21:14:

@clseibold No, I haven't tried running a server locally yet but I will.

🚀 clseibold · Sep 25 at 21:31:

@gemalaya Did you make your certificate? That should be in the place of "bee_hive.pem". I believe there is a make_cert command, or you could use the shell script (if you are on windows, then you have to turn the shell script into a batch file).

Also, I think the way misfin does verification to help with spam is it checks that all incoming mail is coming from a misfin server by talking to the server of the sender to see if it exists. So you might have to start your server first before you can send messages, but don't quote me on this.

Yeah, the command should be returning telling you it successfully sent, so the fact that it doesn't means there's something wrong.

😺 gemalaya · Sep 25 at 21:37:

@clseibold Ok, I've generated a cert for localhost, run the server, and sending to localhost works perfectly.

python -m transponder.debug make-cert queen "Queen bee" localhost queen_hive.pem
python -m transponder.debug receive-as queen_hive.pem

And then send to queen@localhost and it works.

I really like this thing! And it's in python, I could integrate it in gemalaya easily.

😺 gemalaya · Sep 25 at 21:46:

@clseibold I've tracked down the issue, and looked at what Request.send_as() is doing and what ports it uses ... Apparently misfin uses the port 1958, and I've tried to connect manually with telnet on misfin.org or auragem.letz.dev on that port and it fails.

So this is a networking issue, but I don't see why any ISP would block that port? It's not an issue on my firewall cause I don't filter outbound traffic.

📷 billsmugs · Sep 25 at 21:52:

I'm also getting a timeout when trying to hit auragem.letz.dev on port 1958

🚀 clseibold · Sep 25 at 22:01:

@gemalaya Did you try alexlehm's address? That one worked for me. I'm pretty sure the problem is I didn't configure stuff correctly on my end.

I will check my port forwarding and firewall settings again to see what is going on.

Also, I mentioned this before, but I think the misfin.org (which is lem's server) is down or something is misconfigured.

📷 billsmugs · Sep 25 at 22:05:

alexlehm's address worked for me and I can telnet to your domain on port 1965 (but not 1958)

I can't hit misfin.org on 1958 either, although I did successfully send a message there a few months ago I think

😺 gemalaya · Sep 25 at 22:11:

@clseibold Sending to alexlehm@gemini.lehmann.cx worked!

🚀 clseibold · Sep 25 at 22:16:

Glad it worked! I'm restarting my computer atm to see if this resolves anything. I have a feeling Windows Firewall is acting up, because I can't telnet onto port 1958 even from a different computer within my own network, lol.

🚀 clseibold · Sep 25 at 22:49:

So, I'm extremely frustrated. It just won't work. Can't even send from a different computer on my same network to the server. I've also made sure to open the ports in Windows Firewall, but it just fails to send.

@alexlehm How did you get your misfin server to work on Windows?

😺 gemalaya · Sep 25 at 23:06:

@clseibold You need to check which "hostname" you used in the certificates, that's what misfin looks at to know which hostname to contact. Make sure the hostname for the certificate you're sending to can be resolved by the client machine.

To see which hostname it's trying to contact, add this line in transponder/misfin.py in the send_as() function before the sock.connect call

print(req.recipient.hostname, default_port)

🚀 clseibold · Sep 25 at 23:09:

@gemalaya I used my auragem.letz.dev hostname. I don't have any fancy loopback stuff on my network, so I was trying to connect to the server with a local ip address, which might be why it isn't working. But I have no other way of testing whether the server works from outside my network. It's incredibly frustrating.

And I'm certainly not going to walk an hour to the nearest location with free wifi just to test this, lol.

🚀 clseibold · Sep 25 at 23:36:

I'm using a port checker online and it still says the port is closed. I have the port forwarding, and I even tried disabling the entire Windows Firewall, so I have no clue what's going on.

It's like any new port that I add to my modem's port forwarding settings just doesn't work.

I recall it taking several hours to get port 1965 for the Gemini server open too, because I had the same problems at first.

🚀 clseibold · Sep 26 at 03:08:

The only thing I can guess as to why my port is showing closed is that the python program isn't working correctly or something. Otherwise I have no clue. I'm going to look into trying the program from WSL to see if that changes anything.

🤖 alexlehm · Sep 26 at 07:43:

I have the server on a Linux shared host, I use the python client to send only. I wouldn't be able to run the server on my windows since my ISP has CGNAT for IPv6 (vodafone cable), so I don't think I can do port forward.

🤖 alexlehm · Sep 26 at 07:46:

@clseibold, I cannot reach your misfin port with telnet but I can reach your gemini port, likely you need some router config to reach it

🚀 clseibold · Sep 26 at 08:54:

@alexlehm The router is already configured for port forwarding of port 1958, *and* I allowed the port in Windows Firewall, so I really don't know what the issue is, tbh.

🚀 clseibold · Sep 26 at 18:59:

So, I might have found the problem, but I'm not sure. When the python program asks for your hostname, it's asking for the address you want to bind to, and assuming it's also the hostname people should use to email you with. I have been putting in "auragem.letz.dev", which I set to resolve to "127.0.0.1" in my hosts file. Additionally, in the make_cert command, the python program seems to run "x509.DNSName(hostname)" for the SubjAltName of the cert. This assumes that the hostname you listen on is the same as your DNS SubjAltName in your cert. This probably breaks for everyone that doesn't have loopback.

I changed the python program to listen on all available IP addresses instead (by using "0.0.0.0" in the bind function). @gemalaya Thanks for helping me figure this out!

@lem-two @lem I suggest making the python program simpler by using the "hostname" argument into the script as the SubjectAltName of the cert, and using "0.0.0.0" as the bind address so that it binds to all addresses.

I haven't tested this yet, but I think the changes I made will solve my issue... hopefully.

Edit: The changes fixed me being able to send to another computer from within my own network. Now I just need someone else to try to send to clseibold@auragem.letz.dev

📷 billsmugs · Sep 26 at 19:10:

@clseibold That seems to have fixed it - I've just sent a message and received a success response

🚀 clseibold · Sep 26 at 19:16:

@billsmugs Yay! Thanks! This is a good lesson for all developers, don't use the SubjAltName of the cert as the same as the bind address! Not everyone supports loopback! Imo, they should be handled completely separately.
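
The bind-address problem diagnosed in this thread, reproduced as an added example (not part of the original posts and not code from the misfin reference client). The function names are hypothetical, and 127.0.0.2 stands in for a LAN or public address on the assumption of a Linux host, where all of 127.0.0.0/8 is local.

```python
import ipaddress
import socket


def bind_scope(listen_host):
    """Classify which destination addresses a listener bound to listen_host serves."""
    # Resolve the way bind() would: the hosts file is consulted before DNS, so a
    # public name mapped to 127.0.0.1 locally ends up as a loopback-only listener.
    infos = socket.getaddrinfo(listen_host, None, socket.AF_INET, socket.SOCK_STREAM)
    addr = ipaddress.ip_address(infos[0][4][0])
    if addr.is_unspecified:
        return "all-interfaces"
    if addr.is_loopback:
        return "loopback-only"
    return "single-interface"


def accepts(bind_addr, dest_addr):
    """Listen on bind_addr, then try a TCP connect to dest_addr on the same port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind((bind_addr, 0))  # port 0: let the OS pick a free port
        srv.listen(1)
        port = srv.getsockname()[1]
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
            cli.settimeout(2)
            try:
                cli.connect((dest_addr, port))
                return True
            except OSError:
                # Refused or timed out: nothing is listening on that address.
                return False


if __name__ == "__main__":
    # Constructed cases: the certificate hostname is not involved at all, only
    # the address handed to bind() decides who can reach the server.
    for bind_addr in ("127.0.0.1", "0.0.0.0"):
        print(bind_addr, "->", bind_scope(bind_addr))
        for dest in ("127.0.0.1", "127.0.0.2"):
            print("   connect to", dest, ":", accepts(bind_addr, dest))
```

Running `bind_scope()` on the hostname a server is about to bind to shows before startup whether the listener will be reachable from other machines.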