Re: [exim] auth_hack_outlook4 for Exim4

トップ ページ
このメッセージを削除
このメッセージに返信
著者: David Cannings
日付:  
To: exim-users@exim.org
題目: Re: [exim] auth_hack_outlook4 for Exim4
Piotr Roszatycki wrote:
> I've tried to convince the Debian maintainer to include this patch to
> the Debian package. Unfortunately, he wants to be close to the
> upstream source.


Taking a quick look at the relevant RFC[1] the only place AUTH= is
defined is when used in conjunction with MAIL FROM. Thus it would be
syntactically incorrect to supply "AUTH=xx" to the MUA upon connection
negotiation.

It seems that Outlook Express 4 is rather out of date anyway, OE6 is now
shipped with IE and Windows. In the interests of wider security, does
OE4 really fit in now?

Patching the mail server in order to counteract bad behaviour by clients
is not, in my opinion, the correct solution here.

David

1 - http://www.faqs.org/rfcs/rfc2554.html