Re: Exim and outgoing AUTH?

To: Phil Brutsche <pbrutsch@tux.creighton.edu>
Cc: Debian User <debian-user@lists.debian.org>
Subject: Re: Exim and *outgoing* AUTH?
From: "Andrew J. Perrin" <aperrin@email.unc.edu>
Date: Fri, 22 Jun 2001 17:08:25 -0400 (EDT)
Message-id: <[🔎] Pine.GSO.4.21L1.0106221707170.11099-100000@sunny>
In-reply-to: <[🔎] Pine.LNX.4.33.0106221521080.30268-100000@tux.creighton.edu>

So, what you're telling me, it seems, is that I'm out of luck because
Telocity says "AUTH=LOGIN" where a sensible system would say "AUTH
LOGIN". It seems like that could be hacked in code (he says
innocently....); any way of simply forcing exim to use LOGIN
authentication, regardless of what it finds from EHLO?

---------------------------------------------------------
   Andrew J. Perrin - Assistant Professor of Sociology
        University of North Carolina, Chapel Hill
269 Hamilton Hall CB#3210, Chapel Hill, NC 27599-3210 USA
   andrew_perrin@unc.edu - http://www.unc.edu/~aperrin

On Fri, 22 Jun 2001, Phil Brutsche wrote:

:-----BEGIN PGP SIGNED MESSAGE-----
:Hash: SHA1
:
:A long time ago, in a galaxy far, far way, someone said...
:
:> Greetings-
:>
:> Telocity, in its infinite wisdom, has decided to use SMTP AUTH instead of
:> originating IP to verify SMTP clients. This presents problems for me,
:> since I have exim pointing at smtp.telocity.com. Furthermore, it doesn't
:> reject messages outright (that would be too simple and
:> standards-based).  Instead, it just accepts them and silently eats them,
:> so I didn't know until I innocently asked my father-in-law if he'd
:> received a message I sent him. Arrgh.  Anyway....
:>
:> Is there a way to configure exim (running in smarthost mode) to use SMTP
:> AUTH for outgoing mail? I'm currently running:
:
:Yes.
:
:The authentication rules are defined in the very last section of the file,
:after the rewrite configuration.  AUTH PLAIN (what Netscape and most
:non-MS email clients use to authenticate) would look something like this:
:
:telocity:
:  driver = plaintext
:  public_name = PLAIN
:  client_send = ^username^password
:
:AUTH LOGIN (what Outlook & OE use, as well as a few others) would look
:something like this:
:
:telocity:
:  driver = plaintext
:  public_name = LOGIN
:  client_send = : username : password
:
:Afterwards, you would put
:
:   authenticate_hosts = 64.98.119.186
:
:in the remote_smtp transport.
:
:However, this assumes that the Telocity SMTP server (smtp.telocity.com) is
:standards compliant... which they aren't.
:
:Telneting to port 25 on smtp.telocity.com:
:
:$ telnet smtp.telocity.com smtp
:Trying 64.98.119.186...
:Connected to dsl.telocity.com.criticalpath.net.
:Escape character is '^]'.
:220 smtp.telocity.com ESMTP CPMTA-3_5_0_4 - NO UCE
:ehlo kaitain.obix.com
:250-smtp.telocity.com Hi.
:250-PIPELINING
:250-AUTH=LOGIN
:250 8BITMIME
:quit
:221 smtp.telocity.com closing connection
:
:See the AUTH=LOGIN in the response to my EHLO?  The equal sign should be a
:space.  That's a Microsoft-ism.  Very few transport agents and user agents
:support AUTH=LOGIN; the ones that do have .
:These include:
:
:Most "corporate messaging" systems
:Various MS *Windows* email clients (the Mac email clients are written by a
:   different group within MS and are much better than the Windows
:   equivalents IMO)
:One of the qmail SMTP AUTH patches
:Whatever the hell Telocity uses
:
:One solution would be to ask a kind soul to relay for you based on SMTP
:AUTH.
:
:> <rant>
:> Why can't a single reasonably-priced DSL service seem go get it
:> right? There are perfectly good internet standards for dealing with
:> these sorts of things, and they feel they have to reinvent the wheel --
:> and make it square to boot!
:> </rant>
:
:<rant>
:That would require intelligence among the decision-makers at Telocity.
:If they're like alot of other corporations, they are (pardon my language)
:clueless twits who don't know squat about what they're doing.  These folks
:are also the reason why most defaced web sites are Windows... and the
:security whole isn't in Windows.
:</rant>
:
:- -- 
:- ----------------------------------------------------------------------
:Phil Brutsche				    pbrutsch@tux.creighton.edu
:
:GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D  7E5E FD94 D264 50DE 1CFC
:GPG key id: 50DE1CFC
:GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
:-----BEGIN PGP SIGNATURE-----
:Version: GnuPG v1.0.6 (GNU/Linux)
:Comment: Made with pgp4pine
:
:iD8DBQE7M7Fu/ZTSZFDeHPwRAsrCAJ9a+V5r4hsyf5d5/eq3MdBwTVV6agCfUGUz
:h9x9K9HjfU01auWrexvpbuI=
:=tw1y
:-----END PGP SIGNATURE-----
:
:

Reply to:

Follow-Ups:
- Re: Exim and *outgoing* AUTH?
  - From: Phil Brutsche <pbrutsch@tux.creighton.edu>

References:
- Re: Exim and *outgoing* AUTH?
  - From: Phil Brutsche <pbrutsch@tux.creighton.edu>

Prev by Date: Re: Shutdown -h now
Next by Date: Re: Exim and *outgoing* AUTH?
Previous by thread: Re: Exim and *outgoing* AUTH?
Next by thread: Re: Exim and *outgoing* AUTH?
Index(es):
- Date
- Thread

Re: Exim and *outgoing* AUTH?

Re: Exim and outgoing AUTH?