Hi All, Im new to the list, but Ive been using James for a while and Ive just started using 2.0a2. The first thing I tried was SMTP authentication since Id built my own smtp authentication hack into 1.2, but that required users put their login and password into a header to be stripped out. Anyway, 2.0a2 doesnt work as is. After James and the client have finished their authentication dialogue and James is happy, the client always seems to send a RSET command which removes the fact that the user is authenticated from the email dialogue state. Remembering the authenticated user in SMTPHandler.resetState() seems to fix it
private void resetState() { String user = (String) state.get(AUTH); state.clear(); state.put(SERVER_NAME, this.helloName); state.put(SERVER_TYPE, this.softwaretype); state.put(REMOTE_NAME, remoteHost); state.put(REMOTE_IP, remoteIP); state.put(SMTP_ID, smtpID); // seems that after authenticating an smtp client sends // a RSET, so we need to remember that they are authenticated if(user != null){ state.put(AUTH, user); } } Once this was working it lead to another bug, if the server requires SMTP authentication it should only challenge requests for hosts outside its local network, and this is tested in SMTPHandler.doRCPT which tests the destination host with James.isLocalServer(String). The bug here is that the server strings comparison is not case-sensitive, so that if I send an email to [EMAIL PROTECTED] from outside the local network without SMTP authentication and the domain is defined as Open-IQ.com in the xml config then the mail is rejected as unauthorised. Heres one solution. public boolean isLocalServer(final String serverName) { Iterator eachName = serverNames.iterator(); while (eachName.hasNext()) { String thisName = (String) eachName.next(); if (thisName.compareToIgnoreCase(serverName) == 0) { return true; } } return false; } bye, Kevin.