Re: [Exim] Recipient checking: LDAP

> > I setup LOGIN, PLAIN, CRAM-MD5 and SPA at work. My CRAM-MD5 and SPA pretty
> > much look exactly the same. One thing about SPA on the outlook side, it
> > uses your windows login information to authenticate, not your email
> > address/login information (if different). Apparently it doesn't even offer
> > you the option of supplying login information. I tested this with outlook
> > 2000. I have not tested outlook express since we don't use it.
>
> Yup. I've found that at least recent versions of Outlook allow a
> username/password login for SMTP; it works with AUTH LOGIN.

I've found the same thing. Hoever outlook 2000 is all we use where I work.
(Except me. I use mutt =)

> So SPA can get knotted. I'll provide AUTH LOGIN only, and give the
> administrator the option to offer it only on TLS connections.

In my environment, I have the users's network login in the database, they
can use either that or their email address for authentication. Both
passwords are the same (logins are not, except for 2 or 3 people)

--
Lab tests show that use of micro$oft causes cancer in lab animals