* on the Fri, Jun 14, 2013 at 10:20:06AM -0300, Reinaldo Matukuma wrote: > I had a situation today where i need that exim act as client on > office365 server with authentication. So, i have configured two > authenticators (one for PLAIN and other for LOGIN) that will be sent > after TLS. > > The problem that i found is that the office365 server isn't doing the > correct announce of AUTH mechanisms.... > > Running exim in debug mode i saw this: > SMTP<< 250-pod51028.outlook.com Hello [189.74.52.32] > 250-SIZE 36700160 > 250-PIPELINING > 250-DSN > 250-ENHANCEDSTATUSCODES > 250-STARTTLS > 250-AUTH > 250-8BITMIME > 250-BINARYMIME > 250 CHUNKING > > They are announcing only that has auth capability, right?
The above is the output of the EHLO command *before* encryption. If you negotiate TLS and re-issue EHLO (in the same manner that your email client would), then the auth command correctly lists "LOGIN" capability: mike@alfa:~$ openssl s_client -quiet -crlf -connect 207.46.4.237:25 -starttls smtp depth=2 CN = Microsoft Internet Authority verify error:num=20:unable to get local issuer certificate verify return:0 250 CHUNKING EHLO foo 250-pod51028.outlook.com Hello [178.79.145.246] 250-SIZE 36700160 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-AUTH LOGIN 250-8BITMIME 250-BINARYMIME 250 CHUNKING Microsofts server is basically saying that they don't allow auth over unencrypted connections, but do allow LOGIN auth over encrypted connections. This is normal and common behaviour. -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
