Hi
We have trouble with a program that uses a microsoft mail routine. It
sends the SASL auth Parameter in lower case but exim only allow upper
case
AUTH login
503 AUTH LOGIN or AUTH PLAIN OR AUTH CRAM-MD5 OR AUTH MSN is REQUIRED
AUTH LOGIN
334 VXNlcm5hbWU6
Exim refer to RFC 2222 (Manual: "33.1. Generic options for
authenticators" / "public_name") but it seems RFC 2222 and RFC 2554
are opposite at this point.
RFC 2554 says the SASL auth_type has to be case insensitive ("ALPHA/
DIGIT"). But RFC 2222 says the SASL mechanism is named only upper-case.
The customer insists that exim has to perform RFC 2554 and he says
other MTAs like sendmail do so.
Who is right? And is there a possibility to configure exim to except
the AUTH mechanism case-insensitive ?
---------------------
RFC2554 - SMTP Service Extension for Authentication
3. The Authentication service extension
...
(3) The AUTH EHLO keyword contains as a parameter a space separated
list of the names of supported SASL mechanisms.
7. Formal Syntax
...
Except as noted otherwise, all alphabetic characters are case-
insensitive. The use of upper or lower case characters to define
token strings is for editorial clarity only. Implementations MUST
accept these strings in a case-insensitive fashion.
UPALPHA = %x41-5A ;; Uppercase: A-Z
LOALPHA = %x61-7A ;; Lowercase: a-z
ALPHA = UPALPHA / LOALPHA ;; case insensitive
DIGIT = %x30-39 ;; Digits 0-9
...
AUTH_CHAR = ALPHA / DIGIT / "-" / "_"
auth_type = 1*20AUTH_CHAR
auth_command = "AUTH" SPACE auth_type [SPACE (base64 / "=")]
*(CRLF [base64]) CRLF
auth_param = "AUTH=" xtext
;; The decoded form of the xtext MUST be either
;; an addr-spec or the two characters "<>"
...
---------------------
RFC2222 - Simple Authentication and Security Layer (SASL)
3. Introduction and Overview
...
The command has a required argument identifying a SASL mechanism.
SASL mechanisms are named by strings, from 1 to 20 characters in
length, consisting of upper-case letters, digits, hyphens, and/or
underscores. SASL mechanism names must be registered with the IANA.
Procedures for registering new SASL mechanisms are given in the
section "Registration procedures"
---------------------
Nicola