On Tue, 1 Feb 2005 16:31:25 -0800 (Pacific Standard Time) Mark Crispin <[EMAIL PROTECTED]> wrote:
MC> On Tue, 1 Feb 2005, Vadim Zeitlin wrote: MC> > In theory I totally agree but in practice there is this broken server MC> > which doesn't support any other way to login except by using USER but still MC> > doesn't advertise it. It's clearly is a bug in server implementation and MC> > using USER is the only way to work around it. MC> MC> The server may not be broken. Unfortunately in this case it definitely is. It does not support neither TLS nor SSL (again, I should have written it from the beginning, sorry for omitting to say this). MC> They may have an administrative policy that clients should use the SSL MC> POP3 service (port 995) instead of unencrypted POP3 port 110; but for the MC> benefit of old pre-SSL clients (which also would not use CAPA) it allows MC> the USER/PASS commands. Ok, but if they [still] allow it, there mustn't be much harm in using it. I would understand if they only allowed SSL logins perfectly well, but they don't. In fact, they don't support them at all. MC> Not at all. Did you try the SSL POP3 service? Yes. MC> > Speaking practically, what problems can I have if I still use USER even if MC> > the server doesn't advertise it? MC> MC> Doing so violates the specifications, and may very well violate the MC> intentions of the POP3 server administrator. Again, not in this case. MC> Worse, you may find yourself accused of "behaving just like Microsoft" in MC> violating specifications for convenience. All too often the excuse of "a MC> necessary workaround" has been offered as to why Outlook, etc. violates a MC> specification. MC> MC> Still worse, if it's considered to be something that c-client does, I MC> will be accused of "behaving just like Microsoft." No thanks. :-) I understand your point of view but you should realize, of course, that I am going to patch my c-client version (once again) because I can't tell the user with a straight face that I am not going to fix it when it's a whole of one line fix. So it's just going to be one more patch in my version of c-client and one more reason I can't use "official" (although at least in Debian case there are quite a few patches in it too) version of the library packaged by Debian, RedHat and so on. Not a big deal for me as there are other issues which are much more important for me which I had to patch in my version but I still can't prevent myself from thinking that all this is a big waste of effort and that having at least an option in c-client to enable the behaviour which makes sense to the users couldn't really be such a bad thing. Regards, VZ -- ------------------------------------------------------------------ For information about this mailing list, and its archives, see: http://www.washington.edu/imap/c-client-list.html ------------------------------------------------------------------
