[exim-dev] [Bug 783] New: Exim violates RFC 4954

Top Page
Delete this message
Reply to this message
Author: Ian Turner
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 783] New: Exim violates RFC 4954
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=783
           Summary: Exim violates RFC 4954
           Product: Exim
           Version: 4.63
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: SMTP Authentication
        AssignedTo: nigel@???
        ReportedBy: vectro@???
                CC: exim-dev@???



I discovered this issue while testing LogicMail against Exim. The logicmail bug
report is here: http://www.logicprobe.org/proj/logicmail/ticket/117

In short, RFC 4954 requires that a client be able to state "AUTH PLAIN" without
any creditials on the same line. The server is to send a black 334 reply, at
which point the client can provide credentials. Instead Exim says "535
Incorrect Authentication Data".

Here is a packet capture of what is happening:

10.067.183.233.00025-10.077.010.248.01191: 220 cleopatra.johnwparker.com ESMTP
Ready.

10.077.010.248.01191-10.067.183.233.00025: EHLO flash

10.067.183.233.00025-10.077.010.248.01191: 250-cleopatra.johnwparker.com Hello
besnyc1.nyc.deshaw.com [149.77.10.248] 250-SIZE 52428800 250-PIPELINING
250-AUTH PLAIN 250-STARTTLS 250 HELP

10.077.010.248.01191-10.067.183.233.00025: AUTH PLAIN

10.067.183.233.00025-10.077.010.248.01191: 535 Incorrect authentication data

But RFC 4954 provides this as a specific example:

   C: EHLO client.example.com
   S: 250-smtp.example.com Hello client.example.com
   S: 250 AUTH GSSAPI DIGEST-MD5 PLAIN
   C: AUTH PLAIN
    (note: there is a single space following the 334
     on the following line)
   S: 334
   C: dGVzdAB0ZXN0ADEyMzQ=
   S: 235 2.7.0 Authentication successful



--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email