>Wow! Such swift and helpful response! Many thanks! > >Your patch certainly gets me past that hurdle, and I would like to say >that all is now sweetness and light, but alas post now runs on to say > > post: problem initializing server; [BHST] SASL client start failed: > SASL(-4): no mechanism available: No worthy mechs found
Hm. So, silly question ... did you try -saslmech PLAIN? That is what I tested and I got basically "no such user" when I tested it against your ISPs server (because I made up an username/password). I am not sure if Cyrus-SASL supports the LOGIN mechanism (although, WITHOUT -saslmech it should have picked the "best" mechanism and selected PLAIN). LOGIN and PLAIN are basically equivalent from a security standpoint. "No worthy mechs found" ... I'd have to dig into Cyrus-SASL to recall what that means. There's some additional criteria you can use for mechanism selection (like "does not require encrypted channel") but I don't believe we ever configure those criteria. If you could post the -snoop output before you get to that point it would be helpful. Also, if you are capable of using the latest sources in the git repo, there is some additional debugging printed when using -snoop that might be helpful. Also, if you can tell me exactly which version of Cyrus-sasl you are compiling against, I can take a look at that error message. >I did btw peer into the code of claws, and it looks on first sight as >though AUTH= is treated the same way as "AUTH ", and as though it were >just an addition to any subsequent AUTH list. In fact it summarily >treats AUTH<anychar> the same, simply moving its pointer past whatever >it may be, and ORing together multiple AUTHs. Your fix seems equally >reasonable, possibly rather less fraught. Right, further research revealed that my original thoughts on AUTH= were in error. Looking back, the original SMTP AUTH RFC supported an AUTH= keyword on the MAIL FROM line, and I think the original people who wrote the broken mailers just mis-read the RFC and thought that was also how the EHLO verb was supposed to be. --Ken
