Re: Flexible mail-relay protection
...
> I have tried to look for the M$ specifications about
> what the Exchange servers mean with their EHLO
> response:
> AUTH=LOGIN
>
> If you can find M$ document at it, I would be very grateful,
> indeed.
IRC is a miracle place -- even when using it only among our "small"
corporate coder and keeper teams in the middle of the night... There
wasn't any M$ document known, but something else to explain RFC 2554:
http://help.netscape.com/products/server/messaging/3x/info/smtpauth.html
The salient part explaining it all:
S: 220 jimi-hendrix.mcom.com ESMTP server (Netscape Messaging Server - Version 3.0) ready Fri, 2 May 1997 09:38:41 -0700
C: ehlo jimi
S: 250-jimi-hendrix.mcom.com
S: 250 AUTH=LOGIN
C: auth login
S: 334 VXNlcm5hbWU6 base64 "Username:"
C: bXluYW1l base64 "myname"
S: 334 UGFzc3dvcmQ6 base64 "Password:"
C: c2VjcmV0 base64 "secret"
S: 235 Authentication successful
Ok, so that is plain-text login over the wire, but in systems where
the password is stored in encrypted form that is the best we can do :-/
(I don't count Base64 obfuscation as security; a determined snooper/cracker
can decode those easily..)
/Matti Aarnio <mea@nic.funet.fi>
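
The exchange quoted above, as an added example that is not part of the original message or of any mailer's code: a small Python audit of an SMTP session transcript that recognises both the "AUTH=LOGIN" and the RFC 2554 "AUTH LOGIN" advertisement forms and shows what the base64 lines reveal when no STARTTLS precedes the login. The session text, host name and function names are constructed for illustration.

```python
import base64
import re

# Constructed sample session, modelled on the exchange quoted in the message.
SAMPLE_SESSION = """\
S: 220 mail.example.test ESMTP ready
C: ehlo client
S: 250-mail.example.test
S: 250 AUTH=LOGIN
C: auth login
S: 334 VXNlcm5hbWU6
C: bXluYW1l
S: 334 UGFzc3dvcmQ6
C: c2VjcmV0
S: 235 Authentication successful
"""

CLEARTEXT_MECHS = {"LOGIN", "PLAIN"}  # base64 only, no protection on the wire

def advertised_auth(lines):
    """Collect mechanisms from EHLO replies: 'AUTH LOGIN PLAIN' or 'AUTH=LOGIN'."""
    mechs = set()
    for line in lines:
        m = re.match(r"S:\s*250[- ]AUTH[ =](.+)$", line, re.IGNORECASE)
        if m:
            mechs.update(t.upper() for t in re.split(r"[ =]+", m.group(1).strip()))
    return mechs

def audit_session(text):
    """Report what an unencrypted AUTH LOGIN exchange discloses."""
    lines = text.splitlines()
    tls = in_auth = exposed = False
    decoded = []
    for line in lines:
        side, _, rest = line.partition(":")
        rest = rest.strip()
        if side == "C" and rest.lower() == "starttls":
            tls = True                      # later commands are inside TLS
        elif side == "C" and rest.lower().startswith("auth login"):
            in_auth, exposed = True, exposed or not tls
        elif side == "S" and in_auth and rest.startswith("334 "):
            decoded.append(("server", base64.b64decode(rest[4:]).decode()))
        elif side == "C" and in_auth:
            decoded.append(("client", base64.b64decode(rest).decode()))
        elif side == "S" and rest[:3] in ("235", "535"):
            in_auth = False                 # login finished (success or failure)
    mechs = advertised_auth(lines)
    return {"mechanisms": sorted(mechs), "cleartext_exposed": exposed,
            "offers_cleartext": bool(mechs & CLEARTEXT_MECHS), "decoded": decoded}
```
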