YAM - Yet Another Mailer (#2) - SMTP AUTH (#48) - Message List

SMTP AUTH
 solved

Can some Yam guru help?

I need to set up Yam for my new ISP with these specific settings:- SMTP AUTH, NO Encryption, PLAIN Auth. These settings work with KMail in linux.

When I tick the "Use SMTP AUTH" button the server responds with an error Bad AUTH CRAM-MD5 command response.

Is there any way to make Yam use PLAIN text and NOT, CRAM-MD5 first?

Regards, Tim

Tree View Flat View (newer first) Flat View (older first)
  • Message #234

    I need to set up Yam for my new ISP with these specific settings:- SMTP AUTH, NO Encryption, PLAIN Auth. These settings work with KMail in linux.

    When I tick the "Use SMTP AUTH" button the server responds with an error Bad AUTH CRAM-MD5 command response.

    Is there any way to make Yam use PLAIN text and NOT, CRAM-MD5 first?

    No, there is currently no way to force YAM to only use the PLAIN authentication mode.

    What YAM currently does, is to check the SMTP server capabilities and then try to use the most secure authentication available. So if your SMTP server responses to the "EHLO" command that there is the CRAM-MD5 mode available, YAM tries to use it and if it fails it correctly reports this problem.

    Out of my mind the supported authentication modes listed by the most secure one at the top is:

    1. DIGEST-MD5
    2. CRAM-MD5
    3. LOGIN
    4. PLAIN

    Please also note that if you are using SMTP AUTH with no encryption and the PLAIN authentication mode you could face a serious security problem as your passwort and login information is transfered fully unencrypted. Only the MD5 authentications are safe with a non-encrypted connection.

  • Message #235

    Thank you for the reply.

    Will you consider the possibility of setting the auth method in the config for a future release? I do understand the security issues, but flexibility is more important, and if the user wants to compromise his security, that is his choice.

    My problem is my new ISP is unwilling to install the sw for CRAM-MD5 as they say ALL is behind routers and protected. This ISP offers direct line of sight radio (2.4GHz) internet.

    I have no other ISP options besides dial-up. :(

    Kind regards, Tim

  • Message #236

    Will you consider the possibility of setting the auth method in the config for a future release? I do understand the security issues, but flexibility is more important, and if the user wants to compromise his security, that is his choice.

    Sure, but please not that such an enhancement would be on a low priority. So please make sure you file a correct feature request at the sourceforge.net bugtracker as explained on the YAM homepage:

    http://yam.ch/newticket

    My problem is my new ISP is unwilling to install the sw for CRAM-MD5 as they say ALL is behind routers and protected. This ISP offers direct line of sight radio (2.4GHz) internet.

    You can also tell your ISP that if they don't want to use CRAM-MD5 at all, they should be able to configure their SMTP server to not announce on the "EHLO" command response that the SMTP is capable of CRAM-MD5 at all. Then YAM, and also every other mailer should try on using a different authentication method, ending up at PLAIN authentication. If they are using sendmail, I could even tell them which configuration option this is :) It is definitly the wrong approach to let the SMTP server announce CRAM-MD5 if the server doesn't use it at all.

  • Message #237

    Thank you for the fast reply again :)

    As you have requested I`ve filed a feature request.

    I will speak to my ISP and suggest they set there server up as you said in the last part of your post. I think they may use qmail.

    Thank you again, regards Tim

  • Message #238

    It started with this:

    Bad RCPT command response: 553 Dynamic/Residential IP range listed by NJABL dynablock- http://njabl.org/dynablock.html

    The mail server couldn't execute the command and replied with an error message.

    This error message popped up only when I tried to send mail. I can download mail with no problem. I reported this to my ISP and the tech guy told me the turn on the smtp authentication. I did and I still can't send. Instead I have a new error message:

    Couldn't connect to 'smtp.pcmagic.net' The mail server is currently down or doesn't support the POP3/SMTP protocols

    What do I do now?

  • Message #239

    It started with this:

    Bad RCPT command response: 553 Dynamic/Residential IP range listed by NJABL dynablock- http://njabl.org/dynablock.html

    The mail server couldn't execute the command and replied with an error message.

    This error message popped up only when I tried to send mail. I can download mail with no problem. I reported this to my ISP and the tech guy told me the turn on the smtp authentication. I did and I still can't send. Instead I have a new error message:

    Couldn't connect to 'smtp.pcmagic.net' The mail server is currently down or doesn't support the POP3/SMTP protocols

    What do I do now?

    Ask the tech guy again for the specific authentication method the SMTP server requires/expects. Does it just requires ESMTP with one of the authentication methods mentioned above, or does it also require a proper SSL negotation?

    After having asked your tech guy you should be able to set YAM properly to authenticate to the SMTP server and send your mails.

  • Message #240

    Okay, he said use either CRAM-MD5 or PLAIN. So how do I set that up in YAM?

  • Message #241

    Okay, he said use either CRAM-MD5 or PLAIN. So how do I set that up in YAM?

    First of all it is important which version of YAM you are currently using, Because CRAM-MD5 was buggy in versions prior to 2.4p1 AFAIK. So if you want to run SMTP-AUTH with YAM you require at leaast 2.4p1.

    And all you need to do is, click the SMTP-AUTH gadget in your server konfiguration tab. And if it still doesn't work, then please start YAM from commandline with the option "DEBUG" and try to catch the debug output right at the time YAM tries to authenticate to the server, with this debug output I might find the problem...

Tree View Flat View (newer first) Flat View (older first)

Attachments

No attachments created.