dotnet-policy-service[bot]
commented
3 months ago Tagging subscribers to this area: @dotnet/ncl See info in area-owners.md if you want to be subscribed.
Closed avin3sh closed 3 months ago
dotnet-policy-service[bot]
commented
3 months ago Tagging subscribers to this area: @dotnet/ncl See info in area-owners.md if you want to be subscribed.
avin3sh
commented
3 months ago Opened https://github.com/dotnet/runtime/pull/105939 that fixes this
Description
Kerberos with
SmtpClientdoes not work in .NET. This isn't an issue in .NET Framework.Reproduction Steps
Initialize
SmtpClientwithUseDefaultCredentials = trueand try sending the mail.Expected behavior
Negotiate should work
Actual behavior
Smtp server returns
Temporary authentication failure: generic failureand on the .NET side this error appears asCommand not implemented. The server response was: 5.5.2 Error: command not recognized.Regression?
No difference when the behavior is compared with other versions
Known Workarounds
No response
Configuration
No response
Other information
If you look at the packet capture, it appears that CRLF response is being handled twice after negotiate exchange completes. This seems to be a bug because on .NET Framework there is only single CRLF response after token exchange.
A fix for this issue is important because MailKit, which is currently recommended in the docs, does not support Kerberos(https://github.com/jstedfast/MailKit/issues/1249). Not having a functional Kerberos support in the BCL
SmtpClientblocks any efforts of migrating from .NET framework.