Re: [exim] Opposing RFCs ? - Case In/Sensitive AUTH SASL Met…

Pàgina inicial
Delete this message
Reply to this message
Autor: W B Hacker
Data:  
A: exim-users
Assumpte: Re: [exim] Opposing RFCs ? - Case In/Sensitive AUTH SASL Methode
Phil Pennock wrote:
> On 2008-09-26 at 12:17 +0200, Nicola Tiling wrote:
>> We have trouble with a program that uses a microsoft mail routine. It
>> sends the SASL auth Parameter in lower case but exim only allow upper
>> case
>>
>>     AUTH login
>>     503 AUTH LOGIN or AUTH PLAIN OR AUTH CRAM-MD5 OR AUTH MSN is REQUIRED

>>
>>     AUTH LOGIN
>>     334 VXNlcm5hbWU6

>>
>> Exim refer to RFC 2222 (Manual: "33.1. Generic options for
>> authenticators" / "public_name") but it seems RFC 2222 and RFC 2554
>> are opposite at this point.
>
> Exim actually states:
> ----------------------------8< cut here >8------------------------------
> This option specifies the name of the authentication mechanism that the driver
> implements, and by which it is known to the outside world. These names should
> contain only upper case letters, digits, underscores, and hyphens (RFC 2222),
> but Exim in fact matches them caselessly. If public_name is not set, it
> defaults to the driver's instance name.
> ----------------------------8< cut here >8------------------------------
>
> So in configuring Exim, use upper-case, but Exim should match anyway.
>


Nothing to add from me...

> However, the "is REQUIRED" message doesn't come from Exim. Simply put,
> recursively grepping for REQUIRED over the Exim source returns only 11
> lines and none of them are an error-message.


Here I beg to differ.

ISTR that one can define a custom message to follow any given return
code. By definition, a 'custom' message would not be in source.

So, questions for Nicola - have you inherited a configuration set up by
someone else? Or is this a clean install that for-sure has no such
customization? Or are you dealing with a 'far end' Exim that you can ID
as such, but have NO control over?

Bill Hacker


>
> Exim doesn't offer AUTH MSN, unless that's coming from a cyrus_sasl
> driver?
>
> So I think that the server the client is talking to is not Exim; perhaps
> some proxy?
>
> If you're sure it is talking to Exim, can you run Exim with debugging
> and see what logs you can collect?
>
> -Phil
>