hi,
i am currently searching for a substitution for sendmail.cf, because ...
therefore i have done a quick review of james-2.0a3.
pop3 get was ok.
smtp put was not so good:
1. the smtp auth login/plain implementation seems to be a bit different between
certain clients and servers.
i used akmail, mozilla, and outlook express.
2.) since my akmail did not work with auth login i�ve tried to go via telnet:
1027873583831 [INFO ] (smtpserver): Connection from 127.0.0.1 (127.0.0.1)
1027873597551 [INFO ] (smtpserver): Command received: EHLO cgshome
1027873602788 [INFO ] (smtpserver): Command received: AUTH LOGIN
1027873606664 [DEBUG ] (smtpserver): Exception opening socket: null
java.lang.NullPointerException
at org.apache.james.util.Base64.decodeAsString(Base64.java:36)
at org.apache.james.smtpserver.SMTPHandler.doAUTH(SMTPHandler.java:350)
at org.apache.james.smtpserver.SMTPHandler.parseCommand(SMTPHandler.java:238)
at
org.apache.james.smtpserver.SMTPHandler.handleConnection(SMTPHandler.java:163)
at
org.apache.avalon.cornerstone.blocks.connection.ConnectionRunner.run(Connection.java:167)
at
org.apache.avalon.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:47)
at
org.apache.avalon.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:86)
null-pointer exception if username is not base64.
connection terminated.
.. well the connection should not terminate here i think ?
rfc2554:
If the server cannot BASE64 decode the argument, it rejects the
AUTH command with a 501 reply. If the server rejects the
authentication data, it SHOULD reject the AUTH command with a
535 reply unless a more specific error code
.) same thing for plain:
1027876424636 [INFO ] (smtpserver): Connection from 127.0.0.1 (127.0.0.1)
1027876453457 [INFO ] (smtpserver): Command received: EHLO cgshome
1027876460437 [INFO ] (smtpserver): Command received: AUTH PLAIN
1027876473476 [DEBUG ] (smtpserver): Exception opening socket: null
java.util.NoSuchElementException
at java.util.StringTokenizer.nextToken(Unknown Source)
at org.apache.james.smtpserver.SMTPHandler.doAUTH(SMTPHandler.java:331)
at org.apache.james.smtpserver.SMTPHandler.parseCommand(SMTPHandler.java:238)
at
org.apache.james.smtpserver.SMTPHandler.handleConnection(SMTPHandler.java:163)
at
org.apache.avalon.cornerstone.blocks.connection.ConnectionRunner.run(Connection.java:167)
at
org.apache.avalon.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:47)
at
org.apache.avalon.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:86)
auth plain with no base64 or invalid username.
connection terminated.
the plain login should use base64 ?
3.) auth plain
due to: /rfc2595.txt
The mechanism consists of a single message from the client to the
server. The client sends the authorization identity (identity to
login as), followed by a US-ASCII NUL character, followed by the
authentication identity (identity whose password will be used),
followed by a US-ASCII NUL character, followed by the clear-text
password. The client may leave the authorization identity empty to
indicate that it is the same as the authentication identity.
[authorize-id] NUL authenticate-id NUL password
e.g.: <NUL>tim<NUL>tanstaaftanstaaf
This is not reflected in your implementation. smtphandler line 328 ..
well i may be wrong, cause i do not have time to go into the rfc in detail.
4.) rfc2554:
(5) an optional parameter using the keyword "AUTH" is added to the
MAIL FROM command, and extends the maximum line length of the
MAIL FROM command by 500 characters.
this seems not to be used by any client.
5.) rfc2554:
AUTH mechanism [initial-response]
the initial-response is not handled ?
lg chris.
- CGS ( Schaefer EDV ) --------------------------------
NIC: CS1156-RIPE INTERNIC : CS11402
[EMAIL PROTECTED] http://www.cgs.co.at
Office:
Maroltingergasse 47/1604, 1160 Wien,
Tel.: 494 83 07
tech: Zieglergasse 13-2-5, 1070 Wien.
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
