You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by Jacques Lema <ja...@link-u.com> on 2004/07/28 12:06:10 UTC
Missing Option AuthRequiredForAllIPs
Hi,
I stumbled across a problem with james (2.2.0), ASSP (antispam filter)
and Thunderbird as mail client.
The problem is that Mozilla Thunderbird does NOT use authentification is
the server does not advertise it supports it (250 - AUTH LOGIN PLAIN).
If it doesn't state that is supports AUTH then auth doesn't happen and
the connection fails.
The problem is that if, instead of connecting directly to james, the
user connects through assp (required for whitelisting and such things)
the connection comes from ASSP which is on the same machine. The result?
The connection issued by ASSP comes from 127.0.0.1 which is an
authorized address, for obvious reasons. As a consequences james answer
to isAuthorized() is Yes, which causes it not to display the 250 auth
login message and therefore causes thunderbird not to use auth.
Obviously a very useful feature would be an option for forcing the
announcement of AUTH capabilities as answer to EHLO, whatever the source
ip is. What do you think?
Thanks,
Jacques
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org