Re: [exim] Upgrade blues...

Top Page
Delete this message
Reply to this message
Author: Fred Viles
Date:  
To: exim-users
CC: Marc Haber
Subject: Re: [exim] Upgrade blues...
[CC'ed to Marc directly, not my usual practice]

On 30 Sep 2005 at 8:37, Marc Haber wrote about
    "Re: [exim] Upgrade blues...":


|...
| Debian's exim doesn't advertise SMTP AUTH over unencrypted
| connections.


|...
| >support_broken_outlook_express_4_server:
| > driver = plaintext
| > public_name = "\r\n250-AUTH=PLAIN LOGIN"
| > server_prompts = User Name : Password
| > server_condition = no
| >
| >which I enabled (didn't make any difference for the KMail case).


Marc -

Note that the OutLook hack "authenticator" should have the same
conditionality as the other plain text authenticators:

.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif

As it is, with the hack enabled but no cram-md5 authenticator, the
EHLO response for an unauthenticated connection winds up including:

250-AUTH
250-AUTH=PLAIN LOGIN

I didn't check to see if AUTH with no parameters is valid, but in any
case you don't want to be advertising plain text authenticators to
MUAs that recognise AUTH= either.

- Fred