On Sat, 04 Feb 2006 11:16:26 -0800, "Fred Viles"
<[EMAIL PROTECTED]> wrote:
>As explained already, there won't be any non-encrypted authentication
>attempts to reject.
Which is a feature, since with AUTH PLAIN, the credentials have
already been transmitted unencrypted when the auth attempt is
rej
On Mon, 2006-02-06 at 11:39 +, Tony Finch wrote:
> On Sat, 4 Feb 2006, Jeremy Harris wrote:
> >
> > I note with interest that sesame's spam-labelling
> > leaves the original Subject: line in place,
> > adding a new one later in the headers - and that
> > Thunderbird displays the later one.
>
>
On Sat, 4 Feb 2006, Jeremy Harris wrote:
>
> I note with interest that sesame's spam-labelling
> leaves the original Subject: line in place,
> adding a new one later in the headers - and that
> Thunderbird displays the later one.
I believe that whatever spam labelling you are seeing isn't being do
> "JH" == Jakob Hirsch <[EMAIL PROTECTED]> writes:
JH> I'd just like to know what made sesame think my message is
JH> spam. Nigel?
Looks like whatever version of spamassassin is running on
sesame.csx.cam.ac.uk doesn't properly parse the IPv6 addresses out of
the intervening Received: headers
Jeremy Harris wrote:
> Jakob Hirsch wrote: (some nonspam)
oh, thanks, didn't notice that (usually, I don't read my own messages :)
I'd just like to know what made sesame think my message is spam. Nigel?
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at
On 4 Feb 2006 at 12:03, Marco wrote about
"Re: [exim] AUTH over TLS only":
|...
| Can I send a custom SMTP error (ex. You must use an encrypted
| session!!), when exim4 reject an non-encrypted authentication session?
As explained already, there won't be any non-encrypted
Jakob Hirsch wrote: (some nonspam)
I note with interest that sesame's spam-labelling
leaves the original Subject: line in place,
adding a new one later in the headers - and that
Thunderbird displays the later one.
I'll put money on not all MUAs behaving the same way.
- Jeremy
--
## List detail
On Sat, 4 Feb 2006, Marc Sherman wrote:
> Alan's error will never get sent, because if a client attempts to
> authenticate when AUTH is not advertised, Exim detects that as a
> protocol error, and it never gets to the ACL:
Thanks - I was thinking that might be the case, after reading Jakob
Hirsc
Marco wrote:
>
> I look this message only on my log. Can Exim send an SMTP error (ex.
> code 5xx Encryption required for authenticated sending)
> to client?
No, Marco, as others have already explained to you. SMTP clients will
not attempt to authenticate if AUTH is not advertised, and a properl
Alan J. Flavell ha scritto:
On Sat, 4 Feb 2006, Marco wrote:
Can I send a custom SMTP error (ex. You must use an encrypted
session!!), when exim4 reject an non-encrypted authentication
session?
Do you mean something like this?
acl_smtp_auth = check_security
[...]
On Sat, 4 Feb 2006, Marco wrote:
> Can I send a custom SMTP error (ex. You must use an encrypted
> session!!), when exim4 reject an non-encrypted authentication
> session?
Do you mean something like this?
acl_smtp_auth = check_security
[...]
###
# AC
Marco wrote:
> Can I send a custom SMTP error (ex. You must use an encrypted
> session!!), when exim4 reject an non-encrypted authentication session?
No. If AUTH was not advertised, Exim will say something like "AUTH not
advertised". But proper smtp clients will not use AUTH unless it was
adverti
Dennis Davis ha scritto:
On Thu, 1 Dec 2005, Warren Howard wrote:
From: Warren Howard <[EMAIL PROTECTED]>
To: exim-users@exim.org
Date: Thu, 01 Dec 2005 17:13:46 +0530
Subject: [exim] AUTH over TLS only
Is there a way in Exim to setup matching functionality to
Postfix's "smtpd_tls_auth_only
Marc Haber wrote:
On Thu, 1 Dec 2005 13:46:42 + (GMT), Philip Hazel
<[EMAIL PROTECTED]> wrote:
On Thu, 1 Dec 2005, Marc Haber wrote:
It should prevent a well-behaved client from authenticating since it
does only advertise AUTH over encrypted connections. Of course, a very
broken client w
Dennis Davis wrote:
> Use auth_advertise_hosts. From the spec:
>
> If you want to advertise the availability of AUTH only when the
> connection is encrypted using TLS, you can make use of the fact that
> the value of this option is expanded, with a setting like this:
>
> auth_adverti
On 1 Dec 2005, at 15:00, Philip Hazel wrote:
Probably. The depth of brokenness of some MUAs has to be seen to be
believed. I was recently asked for a workaround for a client that was
using tls-on-connect, then sending HELO (not EHLO), and then trying to
do AUTH.
An Oracle application (I think
On Thu, 1 Dec 2005, Marc Haber wrote:
> Is there a MUA so broken that it tries to authenticate without the
> server having advertised AUTH?
Probably. The depth of brokenness of some MUAs has to be seen to be
believed. I was recently asked for a workaround for a client that was
using tls-on-con
On Thu, 1 Dec 2005 13:46:42 + (GMT), Philip Hazel
<[EMAIL PROTECTED]> wrote:
>On Thu, 1 Dec 2005, Marc Haber wrote:
>> It should prevent a well-behaved client from authenticating since it
>> does only advertise AUTH over encrypted connections. Of course, a very
>> broken client who insists to a
On Thu, Dec 01, 2005 at 05:55:04AM -0600, Mark Nipper wrote:
> Now, someone much more knowledgeable about such things
> than me will have to say whether that actually prevents a client
> from ignoring exim and attempting to authenticate anyway without
> TLS. But I don't think there is much
On Thu, 1 Dec 2005, Marc Haber wrote:
> It should prevent a well-behaved client from authenticating since it
> does only advertise AUTH over encrypted connections. Of course, a very
> broken client who insists to authenticate even to a server that
> doesn't advertise AUTH is not prevented.
It's n
On Thu, 1 Dec 2005 05:55:04 -0600, Mark Nipper <[EMAIL PROTECTED]>
wrote:
>tls_advertise_hosts = *
>auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}
>
>The second directive in particular is what does it.
>
>Now, someone much more knowledgeable about such things
>than me will have to say
On 12/01/2005 05:29 PM, Dennis Davis wrote:
On Thu, 1 Dec 2005, Warren Howard wrote:
From: Warren Howard <[EMAIL PROTECTED]>
To: exim-users@exim.org
Date: Thu, 01 Dec 2005 17:13:46 +0530
Subject: [exim] AUTH over TLS only
Is there a way in Exim to setup matching functionality to
Postfix's "smt
On Thu, 1 Dec 2005, Warren Howard wrote:
> From: Warren Howard <[EMAIL PROTECTED]>
> To: exim-users@exim.org
> Date: Thu, 01 Dec 2005 17:13:46 +0530
> Subject: [exim] AUTH over TLS only
>
> Is there a way in Exim to setup matching functionality to
> Postfix's "smtpd_tls_auth_only = yes" option?
On 01 Dec 2005, Warren Howard wrote:
> Is there a way in Exim to setup matching functionality to Postfix's
> "smtpd_tls_auth_only = yes" option? I've read through
> http://www.exim.org/exim-html-4.50/doc/html/spec_38.html#IX2419 and the
> closest matching option I can find is "hosts_require_tls
On Thu, Dec 01, 2005 at 05:13:46PM +0530, Warren Howard said:
> Hi,
>
> Is there a way in Exim to setup matching functionality to Postfix's
> "smtpd_tls_auth_only = yes" option? I've read through
> http://www.exim.org/exim-html-4.50/doc/html/spec_38.html#IX2419 and the
> closest matching optio
25 matches
Mail list logo