Loading ...
Sorry, an error occurred while loading the content.

281043Re: SASL forward problem

Expand Messages
  • Wietse Venema
    Nov 2, 2011
      > 220 mailout1.t-email.cz ESMTP
      > EHLO 251-43-13-46.tmcz.cz
      > 250-mailout1.t-email.cz
      > 250-PIPELINING
      > 250-SIZE 15360000
      > 250-VRFY
      > 250-ETRN
      > 250-AUTH LOGIN PLAIN
      > 250-8BITMIME
      > 250 DSN
      > AUTH LOGIN
      > 334 xxxxxxxxxx
      > yyyyyyy
      > 334 xxxxxxxxxxxx
      > yyyyyyy
      > 235 2.7.0 Authentication successful
      > MAIL FROM:<jiri.panek@...> SIZE=519 AUTH=<>
      > 250 2.1.0 Ok
      > RCPT TO:<jipan@...> ORCPT=rfc822;jipan@...
      > 555 5.5.4 Unsupported option: AUTH=<>

      This SMTP server has an interesting way to report errors.

      > I thing, my Postfix should ignore the "555 5.5.4 Unsupported option:
      > AUTH=<>" and continue.

      Postfix cannot ignore 555 after RCPT TO. And we already know that
      the server would not accept the mail (in your earlier email it
      replied with "554 5.5.1 Error: no valid recipients" to the DATA

      > Or better do not send it at all - what is it at all?

      Postfix is not written by imitation. It is written by implementing
      mail standards. The AUTH command and the AUTH= option are defined
      in RFC 2554 which was written many years ago.

      Unfortunately, not sending AUTH= involves editing Postfix source
      code or using a proxy that removes the AUTH= option. There is no
      feature to filter the commands that Postfix sends, like there is
      for the replies that Postfix receives.

      A third option is to edit the Postfix smtp executable file. Look
      for the string " AUTH=<>" and replace the space with a null byte.

      As for editing source code, this is in src/smtp/smtp_proto.c.
      Just delete the portion with:

      * We authenticate the local MTA only, but not the sender.
      #ifdef USE_SASL_AUTH
      if (var_smtp_sasl_enable
      && (session->features & SMTP_FEATURE_AUTH))
      vstring_strcat(next_command, " AUTH=<>");

      > As you wrote: "If that is the case, then the server
      > mis-implements SMTP command
      > pipelining."
      > Did you mean my server (my postfix) or ISPs server ?

      Your machine is the SMTP client. The ISP is the SMTP server.

    • Show all 5 messages in this topic