On Mon, 17 Feb 2003, Liu Xin wrote:
> It seems that as clients MTAs based on cyrus-sasl library send:
>
> AUTH LOGIN =
>
> instead of:
>
> AUTH LOGIN
>
> ( At least the sendmail in RedHat 8.0 behaves so. )
>
> The "=" is treated by exim as $1 that is of zero length, but it should
> be ignored so that the user name will be $1 and the password will be $2.
>
> Since the LOGIN mechanism is not officially documented, I wonder should
> this problem be of exim's or of cyrus-sasl's? And will the exim developers
> be willing to make exim compatible with such "AUTH LOGIN ="?
Sigh.
LOGIN was invented and first used by Pine. It seems still to be working
fine. The "specification" (which does not exist) is definitely just to
send AUTH LOGIN with no data. I believe that to send any additional data
is an error. I googled around, and certainly saw examples that claimed
to be sendmail behaving "correctly". Is there some configuration that
might change this?
LOGIN has been in use in Exim for a number of years without problems.
Why is cyrus-sasl trying to be different?
I am definitely NOT enthusiastic about this. I was equally
unenthusiastic about the other client that screwed up the authentication
protocol in SMTP, the one that expected "AUTH=LOGIN" to be advertised.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
