Re: [exim] Exim4 EHLO/STARTTLS/AUTH and buggy client

Author: Rafał Kupka
Date:  
To: exim-users
Subject: Re: [exim] Exim4 EHLO/STARTTLS/AUTH and buggy client
On Sun, Apr 29, 2007 at 07:28:38AM -0700, Mark wrote:
Hello,

> Synopsis: Buggy client wants to relay a message via Exim server to a foreign
> domain, authenticating to Exim with TLS/PLAIN
>
> Client program initiates EHLO with Exim server.
> Exim says Hello
> STARTTLS and AUTH get advertised.
> Buggy client likes STARTTLS and starts it.
> Exim says TLS - go ahead!
> Exim and buggy client happily chatting encryptically.
> Buggy client does not say EHLO again, but instead AUTH LOGIN
> Exim says, I didn't advertise that! And errors: AUTH command used when not
> advertised.


Add "tls_remember_esmtp = true" to the main section of the exim.conf file.

Exim spec fragment:
+---------------------------------------------------------+
|tls_remember_esmtp|Use: main|Type: boolean|Default: false|
+---------------------------------------------------------+
If this option is set true, Exim violates the RFCs by remembering that
it is in "esmtp" state after successfully negotiating a TLS session.
This provides support for broken clients that fail to send a new EHLO
after starting a TLS session.

Kupson
--
Great software without the knowledge to run it is pretty useless.
(Linux Gazette #1)
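
The exchange described in this thread, as an added example that is not part of the original message and is not Exim source code: a simplified model of the server-side ESMTP state, showing why AUTH is rejected after STARTTLS without a second EHLO and what tls_remember_esmtp changes. The class, function and host names are hypothetical, and the reply texts are modelled on the ones quoted above.

```python
# Simplified model of server-side ESMTP state (assumption: not Exim's real code).

class SmtpSession:
    def __init__(self, tls_remember_esmtp=False):
        self.tls_remember_esmtp = tls_remember_esmtp
        self.esmtp = False   # has the client sent EHLO in the current state?
        self.tls = False     # is the channel encrypted?

    def handle(self, line):
        verb = line.split()[0].upper()
        if verb == "EHLO":
            self.esmtp = True
            # STARTTLS is only offered while the channel is still clear text.
            ext = ["AUTH PLAIN LOGIN"] + ([] if self.tls else ["STARTTLS"])
            return "250 " + ", ".join(ext)
        if verb == "STARTTLS":
            if not self.esmtp or self.tls:
                return "503 STARTTLS command used when not advertised"
            self.tls = True
            # RFC 3207: after the handshake the server discards what it learned
            # from the earlier EHLO, so the client is expected to send EHLO again.
            if not self.tls_remember_esmtp:
                self.esmtp = False
            return "220 TLS go ahead"
        if verb == "AUTH":
            if not self.esmtp:
                return "503 AUTH command used when not advertised"
            return "334 VXNlcm5hbWU6"   # base64 of "Username:"
        return "500 unrecognized command"


def run(dialogue, tls_remember_esmtp):
    """Feed client lines to a fresh session and return the server replies."""
    session = SmtpSession(tls_remember_esmtp)
    return [session.handle(line) for line in dialogue]


# Constructed client dialogues; client.example is a placeholder host name.
BUGGY = ["EHLO client.example", "STARTTLS", "AUTH LOGIN"]
COMPLIANT = ["EHLO client.example", "STARTTLS", "EHLO client.example", "AUTH LOGIN"]

if __name__ == "__main__":
    for name, dialogue in (("buggy", BUGGY), ("compliant", COMPLIANT)):
        for remember in (False, True):
            print(name, "tls_remember_esmtp =", remember)
            for sent, reply in zip(dialogue, run(dialogue, remember)):
                print("  C:", sent, "\n  S:", reply)
```

The compliant client is accepted with either setting; only the client that skips the second EHLO depends on the option being true.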