Re: [exim] Opposing RFCs ? - Case In/Sensitive AUTH SASL Met…

Author: Graeme Fowler
Date:  
To: Exim-users
Subject: Re: [exim] Opposing RFCs ? - Case In/Sensitive AUTH SASL Methode
On Fri, 2008-09-26 at 12:17 +0200, Nicola Tiling wrote:
> We have trouble with a program that uses a Microsoft mail routine. It
> sends the SASL auth parameter in lower case but exim only allows upper
> case


Are you sure?

>     AUTH login
>     503 AUTH LOGIN or AUTH PLAIN OR AUTH CRAM-MD5 OR AUTH MSN is REQUIRED


Mine doesn't do that (Exim 4.69), but does this instead:

>     AUTH LOGIN
>     334 VXNlcm5hbWU6



> Exim refers to RFC 2222 (Manual: "33.1. Generic options for
> authenticators" / "public_name") but it seems RFC 2222 and RFC 2554
> are opposite at this point.
>
> RFC 2554 says the SASL auth_type has to be case insensitive ("ALPHA/
> DIGIT"). But RFC 2222 says the SASL mechanism is named only upper-case.
>
> The customer insists that exim has to perform RFC 2554 and he says
> other MTAs like sendmail do so.


The config section you mention states:

"These names should contain only upper case letters, digits,
underscores, and hyphens (RFC 2222), but Exim in fact matches them
caselessly."

I don't think you're connecting to an Exim server there at all, mainly
because the term REQUIRED (alone) in capital letters does not appear in
the Exim source code anywhere.

Is there a Cisco device (or some other security device like ISA server)
between the two, perchance? Something is intercepting the traffic, or
you're otherwise connecting to the wrong box...

Graeme
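
The caseless matching discussed in this thread, as an added example that is not part of the original message and is not Exim's code: a minimal server-side parser that folds the AUTH mechanism name to upper case before checking it against the RFC 2222 character set and a list of advertised mechanisms. The names `parse_auth`, `login_challenge` and the `ADVERTISED` set are assumptions made for the illustration.

```python
import base64
import re

# RFC 2222 mechanism names: 1-20 chars of upper-case letters, digits, "-" and "_".
MECH_RE = re.compile(r"[A-Z0-9_-]{1,20}")

# Constructed set of advertised mechanisms (an assumption for this example).
ADVERTISED = frozenset({"LOGIN", "PLAIN", "CRAM-MD5"})


def parse_auth(line, advertised=ADVERTISED):
    """Parse an SMTP 'AUTH <mech> [initial-response]' line.

    Returns (mechanism, initial_response or None). Raises ValueError when the
    line is not a well-formed AUTH command for an advertised mechanism.
    """
    parts = line.rstrip("\r\n").split(" ")
    if len(parts) not in (2, 3) or parts[0].upper() != "AUTH":
        raise ValueError("not an AUTH command")
    mech = parts[1].upper()  # caseless match: fold before comparing
    if not MECH_RE.fullmatch(mech):
        raise ValueError("illegal mechanism name")
    if mech not in advertised:
        raise ValueError("mechanism not advertised")
    initial = None
    if len(parts) == 3:
        # A single "=" denotes an empty initial response (RFC 2554).
        # b64decode raises binascii.Error, a ValueError subclass, on bad input.
        initial = b"" if parts[2] == "=" else base64.b64decode(parts[2], validate=True)
    return mech, initial


def login_challenge(line):
    """First reply to 'AUTH LOGIN' sent without an initial response.

    Returns a 504 line for a rejected command, or None for cases this
    narrowed example does not model (other mechanisms, initial responses).
    """
    try:
        mech, initial = parse_auth(line)
    except ValueError as exc:
        return "504 " + str(exc)
    if mech != "LOGIN" or initial is not None:
        return None
    return "334 " + base64.b64encode(b"Username:").decode("ascii")
```
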