Rick
I've looking at the issues of doing SMTP authentication, and after
reading the SMTP spec, starting coding up a solution using the Java Sasl
API, which was doing most of the heavy lifting for me. This morning,
however, I finally noticed the critical words in the Sasl
Javadoc...."since Java 1.5". Since we're not in a position to support
Java 1.5 yet, that definitely tossed a speed bump in my path.
LOGIN and PLAIN authentication are pretty simple to do without Sasl, and
I believe I can also figure out how to do CRAM_MD5. Other forms of
authentication are probably a bit beyond my current experience with
crypto/security. How sophisticated do we need to be with this? Are
LOGIN and PLAIN sufficient (combined with TLS support)? Note that this
question also applies to the POP3 and IMAP implementations, since they
also use Sasl authentication mechanisms.
- SMTP Authentication Rick McGuire
- Re: SMTP Authentication Dain Sundstrom
- Re: SMTP Authentication Rick McGuire
- Re: SMTP Authentication Bilal Bhatti
- Re: SMTP Authentication Dain Sundstrom
- Re: SMTP Authentication Alan D. Cabrera
