Hello Davide For security reasons, we would force all of our customers to use AUTH during outgoing smtp transactions to enable relay on our xmail server. Actually any Outlook/OutlookExpress/Thunderbird/... client works fine using AUTH method.
On customers sites using servers we use the client ip as the 'auth' to relay or not. Doing so is a problem as any computer beside this ip (generally natted) have 'relay' allowed ! It is BAD :( so we want to force auth on any client so only the 'good' auth sebders will be allowed (and optionnaly resolve the variable ip problem on client side, in case of unmanaged change ...). Seems there is a problem then the client side is an Exchange server 2003 configured to 'auth' when connecting to the smarthost/gateway (our xmail server). Configuration is ok in both cases, BUT Exchange smtp 'client' AND xmail smtp server reports 'AUTH FAIL'. Searching the web and reading the rfc, xmail seems to have a problem with the 'optional initial client parameter' as part of the 'AUTH LOGIN' command. In fact, Exchange use this 'optional parameter' to give the login name to use when doing AUTH LOGIN (values and parameters in braces are 'base64' not show here. C = exchange client, S = xmail server). The resulting transcript of the dialog between the exchange 'client' and xmail 'server' is : C1 : AUTH LOGIN {the_user_email} S2 : 334 {Username:} C3 : {the_user_password} S4 : 334 {Password:} C5 : {the_user_password} S6 : 503 Authentication failed As you see Exchange put the login directly as part of the AUTH LOGIN command, as permited by RFC. As per RFC (if correctly read ;-) ) the correct complete sequence when the smtp client add the 'optional initial client parameter' should be : C1 : AUTH LOGIN {the_user_email} S4 : 334 {Password:} C5 : {the_user_password} S6 : 235 Hey :) I'M HAPPY :) Exchange-Xmail session explanation : the Exchange server, using the 'initial client parameter' assumes that the S2 "334" response from xmail is in fact the S4 response because the server side must go to the S4 response assuming the S2/C3 sequence is implied by the provision of the C3 response in the C1 Command. Outch ! Ouf :) Part of the RFC 2554 explaining this 'optional arg usage' in the auth command : " The optional initial-response argument to the AUTH command is used to save a round trip when using authentication mechanisms that are defined to send no data in the initial challenge. When the initial-response argument is used with such a mechanism, the initial empty challenge is not sent to the client and the server uses the data in the initial-response argument as if it were sent in response to the empty challenge. " Davide, could you help ? Am I right or not ? xmail bug or exchange bug ? Francis - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]