I just got a call from a customer which was unable to send Mail using SMTP
Auth. Doing some analysis with tcpdump revealed, that the Client in use
(Vivian Mail) seems to violate the SMTP auth standard.
In particular it introduces itself to the mailserver with HELO instead of
EHLO, therefore does not check for the available auth methods and blindly
tries "AUTH PLAIN" (which leads to an unrecognized command error).
The error seems to be fully on side of Vivian Mail here, but i suggest
making qpsmtpd more robust in this. I can't see any technical reason why we
should deny SMTP AUTH only because the client used HELO instead of EHLO. Is
there any?
I patched my own qpsmtpd to accept SMTP AUTH even when the client used the
HELO command. For this i made two changes. First in SMTP.pm i added the
marked line at line 145/146:
$self->respond(250, $self->config('me') ." Hi " . $conn->remote_info . " [" .
$conn->remote_ip ."]; I am so happy to meet y
Add here:
$self->{_commands}->{'auth'} = "";
There is another limitation in Auth.pm (which is pointless, because the AUTH
command was disabled when using HELO) at line 232 which i commented out:
# return $self->respond( 503, "AUTH not defined for HELO" )
# if ( $self->connection->hello eq "helo" );
I suggest making this change upstream. I can't see any problems with beeing
more tolerant to broken clients.
-kju
--
It's an insane world, but i'm proud to be a part of it. -- Bill Hicks