Exim4 EHLO/STARTTLS/AUTH and buggy client

To: debian-user@lists.debian.org
Subject: Exim4 EHLO/STARTTLS/AUTH and buggy client
From: Mark <seatek@gmail.com>
Date: Sat, 21 Apr 2007 09:01:58 -0700
Message-id: <[🔎] 6e63919c0704210901r64922c3bm722b1ad36e83ed60@mail.gmail.com>

Hi --

Just trying Exim, coming from a long time of Sendmail. Curious how this might be handled, if it can be. I realize this is a buggy mail client problem, but such is the way of the things.

Synopsis: Buggy client wants to relay a message via Exim server to a foreign domain, authenticating to Exim with TLS/PLAIN

Client program initiates EHLO with Exim server.
Exim says Hello
STARTTLS and AUTH get advertised.
Buggy client likes STARTTLS and starts it.
Exim says TLS - go ahead!
Exim and buggy client happily chatting encryptically.
Buggy client does not say EHLO again, but instead AUTH LOGIN
Exim says, I didn't advertise that! And errors: AUTH command used when not advertised.

So, authorization fails, and the message cannot be relayed, and it is rejected with relay not permitted since nothing else would allow it to relay (which it shouldn't).

Now, I'm reasonably sure that the client is supposed to say EHLO again after a STARTTLS. But it's buggy.

Does anyone know if there some way to make Exim be a little more forgiving, and not error out of auth because it didn't advertise AUTH? Or, really, have it not mind getting the second EHLO?

Sendmail doesn't seem to mind this behavior at all. But that's neither here nor there.

Reply to:

Follow-Ups:
- Re: Exim4 EHLO/STARTTLS/AUTH and buggy client
  - From: Douglas Allan Tutty <dtutty@porchlight.ca>
- Re: Exim4 EHLO/STARTTLS/AUTH and buggy client
  - From: Greg Folkert <greg@gregfolkert.net>

Prev by Date: Re: Etch with encrypted lvm, remapping of sata hd names, problem
Next by Date: How to limit an IO bound process?
Previous by thread: Amarok and Last.FM: Works in 1.4.5 (experimental)
Next by thread: Re: Exim4 EHLO/STARTTLS/AUTH and buggy client
Index(es):
- Date
- Thread