[exim] Opposing RFCs ? - Case In/Sensitive AUTH SASL Methode

Top Page
Delete this message
Reply to this message
Author: Nicola Tiling
Date:  
To: Exim-users
Subject: [exim] Opposing RFCs ? - Case In/Sensitive AUTH SASL Methode
Hi

We have trouble with a program that uses a microsoft mail routine. It
sends the SASL auth Parameter in lower case but exim only allow upper
case

    AUTH login
    503 AUTH LOGIN or AUTH PLAIN OR AUTH CRAM-MD5 OR AUTH MSN is REQUIRED


    AUTH LOGIN
    334 VXNlcm5hbWU6


Exim refer to RFC 2222 (Manual: "33.1. Generic options for
authenticators" / "public_name") but it seems RFC 2222 and RFC 2554
are opposite at this point.

RFC 2554 says the SASL auth_type has to be case insensitive ("ALPHA/
DIGIT"). But RFC 2222 says the SASL mechanism is named only upper-case.

The customer insists that exim has to perform RFC 2554 and he says
other MTAs like sendmail do so.

Who is right? And is there a possibility to configure exim to except
the AUTH mechanism case-insensitive ?

---------------------
RFC2554 - SMTP Service Extension for Authentication

3. The Authentication service extension
...
   (3) The AUTH EHLO keyword contains as a parameter a space separated
       list of the names of supported SASL mechanisms.



7. Formal Syntax
...
Except as noted otherwise, all alphabetic characters are case-
insensitive. The use of upper or lower case characters to define
token strings is for editorial clarity only. Implementations MUST
accept these strings in a case-insensitive fashion.

   UPALPHA         = %x41-5A            ;; Uppercase: A-Z
   LOALPHA         = %x61-7A            ;; Lowercase: a-z
   ALPHA           = UPALPHA / LOALPHA  ;; case insensitive
   DIGIT           = %x30-39            ;; Digits 0-9
...
   AUTH_CHAR       = ALPHA / DIGIT / "-" / "_"
   auth_type       = 1*20AUTH_CHAR
   auth_command    = "AUTH" SPACE auth_type [SPACE (base64 / "=")]
                     *(CRLF [base64]) CRLF


   auth_param      = "AUTH=" xtext
                       ;; The decoded form of the xtext MUST be either
                       ;; an addr-spec or the two characters "<>"


...
---------------------

RFC2222 - Simple Authentication and Security Layer (SASL)

3.    Introduction and Overview
...
   The command has a required argument identifying a SASL mechanism.
   SASL mechanisms are named by strings, from 1 to 20 characters in
   length, consisting of upper-case letters, digits, hyphens, and/or
   underscores.  SASL mechanism names must be registered with the IANA.
   Procedures for registering new SASL mechanisms are given in the
   section "Registration procedures"



---------------------

Nicola