------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
http://www.exim.org/bugzilla/show_bug.cgi?id=512
Summary: [PATCH] Let client authentication depend upon TLS being
present
Product: Exim
Version: N/A
Platform: Other
OS/Version: All
Status: NEW
Keywords: work:tiny
Severity: wishlist
Priority: medium
Component: SMTP Authentication
AssignedTo: ph10@???
ReportedBy: exim-dev@???
QAContact: exim-dev@???
A man-in-the-middle attack could strip STARTTLS from the EHLO response codes.
If a cleartext authentication protocol is configured then this can leak
authentication credentials so that they can be sniffed.
I'll attach a patch which:
* adds "client_attempt_condition" as an analogue to
"server_advertise_condition"
* adds a new variable "connection_tls_cipher", only set during the smtp
transport
* does not include documentations because
* I suck
* I may have done this badly
My recollection is that a process performing outbound SMTP won't be re-used so
it's safe to "set and forget" a global variable in the way that this patch
does. This is what I've probably gotten wrong ...
Testing consisted of:
1: client_attempt_condition = ${if def:connection_tls_cipher}
2: send mail via GMail Submission (PLAIN)
3: client_attempt_condition = no
4: send another mail, see it blocked in queue; run "exim -d -qff" and verify
that no matching authenticator is found
5: restore client_attempt_condition
6: watch mail get sent out
Feedback welcome. Variable renames fully expected.
-Phil Pennock
--
Configure bugmail:
http://www.exim.org/bugzilla/userprefs.cgi?tab=email
