Re: [exim] AUTH over TLS only

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MMarco at <-
MAlan J. Flavell at ->
Delete this message
Reply to this message
Author: Marc Sherman
Date:  
To: exim-users
Subject: Re: [exim] AUTH over TLS only
Marco wrote:
>
> I look this message only on my log. Can Exim send an SMTP error (ex.
> code 5xx Encryption required for authenticated sending)
> to client?

No, Marco, as others have already explained to you. SMTP clients will
not attempt to authenticate if AUTH is not advertised, and a properly
configured Exim server will only advertise LOGIN and/or PLAIN
authentication over an encrypted connection, so there is never an
opportunity to send that error.

Alan's error will never get sent, because if a client attempts to
authenticate when AUTH is not advertised, Exim detects that as a
protocol error, and it never gets to the ACL:

> 220 pyloric.projectile.ca ESMTP Exim 4.52 Sat, 04 Feb 2006 09:29:59 -0500
> EHLO test.projectile.ca
> 250-pyloric.projectile.ca Hello vomit.projectile.ca [192.168.23.50]
> 250-SIZE 52428800
> 250-STARTTLS
> 250 HELP
> AUTH LOGIN
> 503 AUTH command used when not advertised

- Marc


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] AUTH over TLS only[exim] eximstats - counting "=>" but not "->"->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)