On Thu, 1 Dec 2005 13:46:42 +0000 (GMT), Philip Hazel
<ph10@???> wrote:
>On Thu, 1 Dec 2005, Marc Haber wrote:
>> It should prevent a well-behaved client from authenticating since it
>> does only advertise AUTH over encrypted connections. Of course, a very
>> broken client who insists to authenticate even to a server that
>> doesn't advertise AUTH is not prevented.
>
>It's not prevented from *trying*, but Exim won't accept AUTH unless it
>has advertised it.
Is there a MUA so broken that it tries to authenticate without the
server having advertised AUTH? I think that even Outlook does _this_
right.
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
