Re: [exim] mail.app and authentication

Philip Hazel wrote:

> The rules state that AUTH must be advertised before it can be used. The
> whole point of advertising extensions is to stop clients trying to use
> extensions that the server doesn't implement. It looks to me as though
> mail.app and kmail are behaving impeccably in this regard. When you say
> "seem to work OK" for Thunderbird and Outlook, what do you mean? My
> hunch is that they are delivering just fine without every trying to
> authenticate.

Your right about Thunderbird and Outlook. They obviously see no AUTH
advertised and just send without. This will work from inside our domain
but we enforce authenticated logins from outside.

> I'm not sure what your problem is. I presume you are talking about
> clients all of whom are inside your domain. The point of not advertising
> AUTH is to stop clients from even trying to authenticate (because you
> are authenticating them by IP address, so they don't need to) so that
> they don't unnecessarily ask users for passwords. If you want clients to
> use AUTH inside your domain, then you should advertise it to them.
> That's the Exim "tweak".

The problem is users with laptops that work outside the our domain who
then bring them onsite and find they stop working without tinkering with
the client settings.

It looks as though we either need to advertise AUTH internally or
educate the roamers appropriately. Thank you for the explanation.

Clive McDowell

Information Services
The Queen's University of Belfast