Re: Exim and *outgoing* AUTH?
-----BEGIN PGP SIGNED MESSAGE-----
A long time ago, in a galaxy far, far way, someone said...
> Telocity, in its infinite wisdom, has decided to use SMTP AUTH instead of
> originating IP to verify SMTP clients. This presents problems for me,
> since I have exim pointing at smtp.telocity.com. Furthermore, it doesn't
> reject messages outright (that would be too simple and
> standards-based). Instead, it just accepts them and silently eats them,
> so I didn't know until I innocently asked my father-in-law if he'd
> received a message I sent him. Arrgh. Anyway....
> Is there a way to configure exim (running in smarthost mode) to use SMTP
> AUTH for outgoing mail? I'm currently running:
The authentication rules are defined in the very last section of the file,
after the rewrite configuration. AUTH PLAIN (what Netscape and most
non-MS email clients use to authenticate) would look something like this:
driver = plaintext
public_name = PLAIN
client_send = ^username^password
AUTH LOGIN (what Outlook & OE use, as well as a few others) would look
something like this:
driver = plaintext
public_name = LOGIN
client_send = : username : password
Afterwards, you would put
authenticate_hosts = 220.127.116.11
in the remote_smtp transport.
However, this assumes that the Telocity SMTP server (smtp.telocity.com) is
standards compliant... which they aren't.
Telneting to port 25 on smtp.telocity.com:
$ telnet smtp.telocity.com smtp
Connected to dsl.telocity.com.criticalpath.net.
Escape character is '^]'.
220 smtp.telocity.com ESMTP CPMTA-3_5_0_4 - NO UCE
221 smtp.telocity.com closing connection
See the AUTH=LOGIN in the response to my EHLO? The equal sign should be a
space. That's a Microsoft-ism. Very few transport agents and user agents
support AUTH=LOGIN; the ones that do have .
Most "corporate messaging" systems
Various MS *Windows* email clients (the Mac email clients are written by a
different group within MS and are much better than the Windows
One of the qmail SMTP AUTH patches
Whatever the hell Telocity uses
One solution would be to ask a kind soul to relay for you based on SMTP
> Why can't a single reasonably-priced DSL service seem go get it
> right? There are perfectly good internet standards for dealing with
> these sorts of things, and they feel they have to reinvent the wheel --
> and make it square to boot!
That would require intelligence among the decision-makers at Telocity.
If they're like alot of other corporations, they are (pardon my language)
clueless twits who don't know squat about what they're doing. These folks
are also the reason why most defaced web sites are Windows... and the
security whole isn't in Windows.
Phil Brutsche firstname.lastname@example.org
GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Made with pgp4pine
-----END PGP SIGNATURE-----