nmh-workers

Re: smtp authentication problem


From: Ken Hornstein
Subject: Re: smtp authentication problem
Date: Wed, 02 Feb 2022 09:57:35 -0500

>Wow! Such swift and helpful response! Many thanks!
>
>Your patch certainly gets me past that hurdle, and I would like to say
>that all is now sweetness and light, but alas post now runs on to say
>
>  post: problem initializing server; [BHST] SASL client start failed:
>     SASL(-4): no mechanism available: No worthy mechs found

Hm.

So, silly question ... did you try -saslmech PLAIN?  That is what I
tested and I got basically "no such user" when I tested it against
your ISP's server (because I made up a username/password).  I am not
sure if Cyrus-SASL supports the LOGIN mechanism (although, WITHOUT
-saslmech it should have picked the "best" mechanism and selected
PLAIN).  LOGIN and PLAIN are basically equivalent from a security
standpoint.

"No worthy mechs found" ... I'd have to dig into Cyrus-SASL to recall
what that means.  There are some additional criteria you can use for
mechanism selection (like "does not require encrypted channel")
but I don't believe we ever configure those criteria.  If you could
post the -snoop output before you get to that point it would be
helpful.  Also, if you are capable of using the latest sources in
the git repo, there is some additional debugging printed when using
-snoop that might be helpful.  Also, if you can tell me exactly which
version of Cyrus-SASL you are compiling against, I can take a look
at that error message.

>I did btw peer into the code of claws, and it looks on first sight as
>though AUTH= is treated the same way as "AUTH ", and as though it were
>just an addition to any subsequent AUTH list. In fact it summarily
>treats AUTH<anychar> the same, simply moving its pointer past whatever
>it may be, and ORing together multiple AUTHs. Your fix seems equally
>reasonable, possibly rather less fraught.

Right, further research revealed that my original thoughts on AUTH=
were in error.  Looking back, the original SMTP AUTH RFC supported
an AUTH= keyword on the MAIL FROM line, and I think the original people
who wrote the broken mailers just mis-read the RFC and thought that
was also how the EHLO verb was supposed to be.

--Ken
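
The EHLO handling discussed in this message, as an added example that is not part of the original post and is not code from nmh or Claws Mail: a parser that accepts both the standard `AUTH ` capability line and the legacy `AUTH=` form and merges the mechanisms from every AUTH line into one set. The names `auth_caps`, `parse_ehlo_auth` and `SAMPLE_EHLO` are hypothetical, the sample reply is constructed, and accepting only a space or `=` after `AUTH` is a choice made for this sketch.

```c
#include <ctype.h>
#include <string.h>

enum { MAX_MECHS = 16, MECH_LEN = 32 };

/* Mechanisms merged from every AUTH line of one EHLO reply (hypothetical type). */
struct auth_caps { int count; char mech[MAX_MECHS][MECH_LEN]; };

/* Constructed sample reply: one standard AUTH line, one legacy AUTH= line. */
static const char SAMPLE_EHLO[] =
    "250-mail.example.net\r\n250-AUTH LOGIN PLAIN\r\n"
    "250-AUTH=LOGIN CRAM-MD5\r\n250 8BITMIME\r\n";

/* Case-insensitive compare of the first n bytes (standard C only). */
static int ieq(const char *a, const char *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (toupper((unsigned char)a[i]) != toupper((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Is the n-byte mechanism name m already in the set? */
static int has_mech(const struct auth_caps *c, const char *m, size_t n) {
    for (int i = 0; i < c->count; i++)
        if (strlen(c->mech[i]) == n && ieq(c->mech[i], m, n))
            return 1;
    return 0;
}

/* Parse a whole EHLO reply; returns the number of distinct mechanisms. */
static int parse_ehlo_auth(const char *reply, struct auth_caps *c) {
    c->count = 0;
    for (const char *line = reply; *line; ) {
        size_t len = strcspn(line, "\r\n");
        /* "250-AUTH" or "250 AUTH", then ' ' (standard) or '=' (legacy). */
        if (len > 8 && ieq(line, "250", 3) && (line[3] == '-' || line[3] == ' ')
            && ieq(line + 4, "AUTH", 4) && (line[8] == ' ' || line[8] == '=')) {
            const char *p = line + 9, *end = line + len;
            while (p < end) {
                size_t n = strcspn(p, " \r\n");   /* token stops at line end */
                if (n && n < MECH_LEN && c->count < MAX_MECHS && !has_mech(c, p, n)) {
                    memcpy(c->mech[c->count], p, n);
                    c->mech[c->count++][n] = '\0';
                }
                p += n + (p + n < end);           /* step over the separator */
            }
        }
        line += len + strspn(line + len, "\r\n");
    }
    return c->count;
}
```

A capability such as `250-AUTHENTICATE X` is ignored because the byte after `AUTH` is neither a space nor `=`.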


