Marc Haber wrote:
On Thu, 1 Dec 2005 13:46:42 +0000 (GMT), Philip Hazel
<[EMAIL PROTECTED]> wrote:
On Thu, 1 Dec 2005, Marc Haber wrote:
It should prevent a well-behaved client from authenticating since it
does only advertise AUTH over encrypted connections. Of course, a very
broken client who insists to authenticate even to a server that
doesn't advertise AUTH is not prevented.
It's not prevented from *trying*, but Exim won't accept AUTH unless it
has advertised it.
Is there a MUA so broken that it tries to authenticate without the
server having advertised AUTH? I think that even Outlook does _this_
right.
Greetings
Marc
Yes.
Certain versions of Apple's alleged MUA.
Not sure which, as we unconditionally s-can that POS, but it would be
'pre Tiger' for sure.
Logs - ordinarily quiet on this issue - have shown it trying AUTH PLAIN
and AUTH LOGIN one each for two iterations, then silently (at the
desktop) failing for quite a while before it pops up an error message.
YMMV - it has probably had numerous 'fixes'...
Bill Hacker
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
