[CC'ed to Marc directly, not my usual practice]
On 30 Sep 2005 at 8:37, Marc Haber wrote about
"Re: [exim] Upgrade blues...":
|...
| Debian's exim doesn't advertise SMTP AUTH over unencrypted
| connections.
|...
| >support_broken_outlook_express_4_server:
| > driver = plaintext
| > public_name = "\r\n250-AUTH=PLAIN LOGIN"
| > server_prompts = User Name : Password
| > server_condition = no
| >
| >which I enabled (didn't make any difference for the KMail case).
Marc -
Note that the OutLook hack "authenticator" should have the same
conditionality as the other plain text authenticators:
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
As it is, with the hack enabled but no cram-md5 authenticator, the
EHLO response for an unauthenticated connection winds up including:
250-AUTH
250-AUTH=PLAIN LOGIN
I didn't check to see if AUTH with no parameters is valid, but in any
case you don't want to be advertising plain text authenticators to
MUAs that recognise AUTH= either.
- Fred
