仅在需要时才进行 Java SMTP 身份验证
我们如何使用 java mail API 以便仅在需要时才进行 SMTP 身份验证。 例如,如果 mail.smtp.auth 属性设置为 true,则即使 SMTP 服务器不需要身份验证,也会进行身份验证。
我是否需要先发送没有密码的邮件,捕获异常并根据异常发送带有密码的邮件?
How do we use java mail API so that SMTP authentication is done only when needed.
For example, if mail.smtp.auth property is set to true, authentication is done even when it is not required by the SMTP server.
Do I need to first send mail without password, catch exception and based on exception send mail with password?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
![扫码二维码加入Web技术交流群](/public/img/jiaqun_03.jpg)
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
很难相信不需要身份验证的 SMTP 服务器的存在或实用性。
It is rather hard to believe in the existence or utility of an SMTP server that doesn't require authentication.
基于此:
简单的解决方案是允许用户打开/关闭使用已配置的身份验证详细信息。其中有很多,包括一些启用/禁用身份验证的。
除此之外,你就不走运了。您需要通过创建子类或从头开始来实现您自己的 SMTP 提供程序行为。或者,捕获异常并重试。
您的特定操作模式根本不受支持。
无论如何,我认为 javamail 实现者不支持这个用例是正确的,无论他们是否故意这样做。它会鼓励邮件服务器实施者在安全方面马虎,并鼓励最终用户玩电子邮件欺骗的愚蠢游戏。
Based on this:
The simple solution is to allow the user to turn on / off the use of the configured authentication details. There are a number of them, including some that enable / disable authentication.
Beyond that, you are out of luck. You will need to implement your own SMTP provider behavior, either by creating a subclass, or by starting from scratch. Alternatively, catch the exception and retry.
Your particular mode of operation is simply not supported.
For what it is worth, I think that the javamail implementors did the right thing in not supporting this use-case, whether or not they did it deliberately. It would encourage mail server implementors to be sloppy about security, and end users to play silly games with email spoofing.