> >>So now I just need to get my head around SPA so that Outlook users can
> >>also use SMTP AUTH. I plan to replace my pop-before-smtp implementation
> >>with authenticated relay only.
> >
> > Ugh. I didn't realize that SPA requires the server to have access to
> > the cleartext password. What a bitch. :-(
>
> Have a look at http://billy.demon.nl/EximAuth.html and see if the bit
> about CRAM-MD5 AUTH helps. That's cleartext, too - I've never had to use
> SPA. But if that works the same way ...
I setup LOGIN, PLAIN, CRAM-MD5 and SPA at work. My CRAM-MD5 and SPA pretty
much look exactly the same. One thing about SPA on the outlook side, it
uses your windows login information to authenticate, not your email
address/login information (if different). Apparently it doesn't even offer
you the option of supplying login information. I tested this with outlook
2000. I have not tested outlook express since we don't use it.
--
Lab tests show that use of micro$oft causes cancer in lab animals