Closed 8a54bb72-6b25-473e-a449-295c9db8c6ab closed 22 years ago
Unfortunately, my original SMTP auth patch doesn't work so well in real life. There are two methods to advertise the available auth methods for SMTP servers:
old-style: AUTH=method1 method2 ... RFC style: AUTH method1 method2
Microsoft's MUAs are b0rken in that they only understand the old-style method. That's why most SMTP servers are configured to advertise their authentication methods in old-style _and_ new style. There are also some especially broken SMTP servers like old M$ Exchange servers that only show their auth methods via the old style.
Also the (sadly but true) very widely used M$ Exchange server only supports the LOGIN auth method (I have to use that thing at work, that's why I came up with this patch). Exchange also supports some other proprietary auth methods (NTLM, ...), but we needn't care about these.
My argument is that the Python SMTP AUTH support will get a lot more useful to people if we also support
1) the old-style AUTH= advertisement 2) the LOGIN auth method, which, although not standardized via RFCs and originally invented by Netscape, is still in wide use, and for some servers the only method to use them, so we should support it
Please note that in the current implementation, if a server uses the old-style AUTH= method, our SMTP auth support simply breaks because of the esmtp_features parsing.
I'm randomly assigning this patch to Barry, because AFAIK he knows a lot about email handling. Assign around as you please :-)
Logged In: YES user_id=163326
This also includes a slightly modified version of patch bpo-552605.
Even better would IMO be to add an additional parameter to base64.encode* and the corresponding binascii functions that avoids the insertion of newline characters.
Logged In: YES user_id=85984
A comment on the old-style advertisement.
You say that Microsoft's MUAs only understand the old-style method. I haven't found this to be the case.
tmda-ofmipd is an outgoing SMTP proxy that supports SMTP authentication, and I only use the RFC style advertisement. This works perfectly well with MS clients like Outlook 2000, and Outlook Express 5. Below is an example of what the advertisement looks like.
BTW, no disagreement about supporting the old-style advertisement in smtplib, as I think it's prudent, just making a point.
# telnet aguirre 8025 Trying 172.18.3.5... Connected to aguirre.la.mastaler.com. Escape character is '^]'. 220 aguirre.la.mastaler.com ESMTP tmda-ofmipd EHLO aguirre.la.mastaler.com 250-aguirre.la.mastaler.com 250 AUTH LOGIN CRAM-MD5 PLAIN QUIT 221 Bye Connection closed by foreign host.
Logged In: YES user_id=21627
I cannot understand why the behaviour of MS MUAs is relevant here at all; smtplib only talks to MTAs (or MSAs).
If MTAs advertise the AUTH extension in the new syntax in addition to the old syntax, why is it not good to just ignore the old advertisement? Can you point to a specific software package (ideally even a specific host) which fails to interact with the current smtplib correctly?
Logged In: YES user_id=12800
Martin, (some? most?) MUAs post messages by talking directly to their outgoing SMTPd, so that's probably why Gerhard mentions it.
On the issue of base64 issue, see the comment in bug bpo-552605, which I just took assignment of. I'll deal with both these bug reports soon.
Logged In: YES user_id=21627
I still cannot see why support for the old-style AUTH lines is necessary. If all SMTPds announce their supported mechanisms with both syntaxes, why is it then necessary to even look at the old syntax?
I'm all for adding support for the LOGIN method.
Logged In: YES user_id=163326
Martin, the reason why we need to take into account both old and RFC-style auth advertisement is that there are some smtp servers, which advertise different auth mechanisms in the old vs. RFC-style line. In particular, the MS Exchange server that I have to use at work and I think that this is even the default configuration of Exchange 2000. In my case, it advertises its LOGIN method only in the AUTH= line.
I'll shortly upload a patch that takes this into account.
Logged In: YES user_id=163326
Updated patch. Changes to the previous patch:
Logged In: YES user_id=21627
That existing SMTP servers announce LOGIN only in the old-style header is a good reason to support those as well; I hence recommend that this patch is applied.
Microsoft is, strictly speaking, conforming to the RFC by *not* reporting LOGIN in the AUTH header: only registered SASL mechanism can be announced there, and LOGIN is not registered; see
Logged In: YES user_id=21627
In
http://sourceforge.net/tracker/?func=detail&atid=105470&aid=581165&group_id=5470
pierslauder reports success with this patch; see his detailed report for remaining problems.
Logged In: YES user_id=163326
Uh-oh. I made a stupid error in the code, sending the username twice. One more lesson I learnt: never use username == password for testing :-/
Logged In: YES user_id=163326
Here's a backport for Python 2.2. I did the diff against Python 2.2.1 and hope it still applies to the maintenance line.
Arguments for backporting:
Logged In: YES user_id=21627
There is another such patch as bpo-613708.
It would be good to make progress on this patch. Barry, what is stopping this from being integrated?
Logged In: YES user_id=12800
I've simply not had time to devote to this patch. If you feel so inclined, please take it from me, otherwise I will try to find some time for it soon.
Logged In: YES user_id=21627
Committed for 2.2 as 1.46.4.5
It appears that Piers Lauder already committed version 2 of the patch as 1.59; I've committed the missing change as 1.63. Please review both committs for correctness.
Logged In: YES user_id=163326
They both seem to be ok.
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields: ```python assignee = 'https://github.com/warsaw' closed_at =
created_at =
labels = ['library']
title = 'AUTH method LOGIN for smtplib'
updated_at =
user = 'https://bugs.python.org/ghaering'
```
bugs.python.org fields:
```python
activity =
actor = 'ghaering'
assignee = 'barry'
closed = True
closed_date = None
closer = None
components = ['Library (Lib)']
creation =
creator = 'ghaering'
dependencies = []
files = ['4361', '4362', '4363', '4364']
hgrepos = []
issue_num = 572031
keywords = ['patch']
message_count = 16.0
messages = ['40365', '40366', '40367', '40368', '40369', '40370', '40371', '40372', '40373', '40374', '40375', '40376', '40377', '40378', '40379', '40380']
nosy_count = 4.0
nosy_names = ['loewis', 'barry', 'ghaering', 'jasonrm']
pr_nums = []
priority = 'normal'
resolution = 'accepted'
stage = None
status = 'closed'
superseder = None
type = None
url = 'https://bugs.python.org/issue572031'
versions = ['Python 2.3']
```