Bug#224151: Re: Re: Bug #224151: exim4: fails to authenticate to smarthost

Marc Haber Marc Haber <mh+debian-packages@zugschlus.de>, 224151-maintonly@bugs.debian.org
Tue, 1 Mar 2005 13:34:38 +0100 

On Tue, Mar 01, 2005 at 11:17:52AM +0100, Johannes Rohr wrote:
> Sorry! Here you are. (In similar cases, please warn that the log
> contains the password for the smarthost in plain text)

I need to build boilerplates for the standard requests.

>   SMTP<< 220 neckar.trilos.net ESMTP Exim 4.24 Tue, 01 Mar 2005 11:13:05 +0100
> 62.145.18.240 in hosts_avoid_esmtp? no (option unset)
>   SMTP>> EHLO rudi.3linden
> read response data: size=150
>   SMTP<< 250-neckar.trilos.net Hello rudi.3linden [195.179.210.120]
>          250-SIZE 36700160
>          250-8BITMIME
>          250-PIPELINING
>          250-AUTH PLAIN LOGIN CRAM-MD5
>          250 HELP

The remote host claims to support authentication PLAIN, LOGIN and
CRAM-MD5.

>   SMTP>> AUTH CRAM-MD5
> read response data: size=54
>   SMTP<< 334 PDI3MDAuMTEwOTY3MTk5MUBuZWNrYXIudHJpbG9zLm5ldD4=
>   SMTP>> ****************************************************

Exim tries CRAM-MD5 first

> read response data: size=35
>   SMTP<< 535 Incorrect authentication data

fails

>   SMTP>> AUTH PLAIN ************************
> read response data: size=30
>   SMTP<< 235 Authentication succeeded

Exim retries with AUTH PLAIN, and succeeds

> plain authenticator yielded 0
>   SMTP>> MAIL FROM:<j.rohr@comlink.org> SIZE=1283 AUTH=root@rudi.infoe.de
>   SMTP>> RCPT TO:<j.rohr@gmx.de>
>   SMTP>> DATA
> read response data: size=78
>   SMTP<< 250 OK
>   SMTP<< 250 Accepted
>   SMTP<< 354 Enter message, ending with "." on a line by itself
>   SMTP>> writing message and terminating "."
> rewrite_one_header: type=F:
>   SMTP<< 250 OK id=1D64NS-0000hY-UV

This is the message's successful delivery

> LOG: MAIN
>   => j.rohr@gmx.de R=smarthost T=remote_smtp_smarthost H=<snip>
> LOG: MAIN
>   Completed

Which is duly logged.

I am suspecting a misconfigured server. Maybe it advertises CRAM-MD5
without properly supporting it?

Do you have a chance to verify that the server actually _can_ do
CRAM-MD5?

We still do not have evidence for the exim host failing to
authenticate to the smarthost; all debug output we have on file shows
successful delivery.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835