Skip to content

Allow AUTH LOGIN mechanism #60

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
aronerben opened this issue Aug 12, 2022 · 9 comments
Closed

Allow AUTH LOGIN mechanism #60

aronerben opened this issue Aug 12, 2022 · 9 comments

Comments

@aronerben
Copy link

Hello, from what I'm seeing currently, only the AUTH PLAIN mechanism is supported in sendmail. It would be very beneficial for us if AUTH LOGIN is also supported, as we are using Microsoft Exchange SMTP servers and they have disallowed AUTH PLAIN back in 2017 apparently.

Thank you!
@aronerben aronerben mentioned this issue Aug 12, 2022
Merged
@mabiede
Copy link

mabiede commented Sep 27, 2022

@dinosaure we would very much appreciate it if this would be implemented. Is there any update on this?

@dinosaure
Copy link
Member

dinosaure commented Sep 27, 2022
edited
Loading

Sorry for the delay, it's on my TODO list, I will probably try an implementation next week.

@dinosaure
Copy link
Member

I just dig in into the LOGIN method and it seems an obsolete method (only a draft exists about it: https://datatracker.ietf.org/doc/html/draft-murchison-sasl-login-00). I can implement it but do you have another (better) mechanism available?

@dinosaure dinosaure mentioned this issue Oct 17, 2022
Merged
@aronerben
Copy link
Author

@dinosaure Thanks a lot for looking into it and drafting a PR! Unfortunately, AUTH LOGIN is the only mechanism we can use at the moment. Outlook.com seems to have discontinued support for AUTH PLAIN back in 2017 and most of our infrastructure runs on that. So from what I'm seeing, having AUTH LOGIN support in our OCaml Apps is unavoidable.

@dinosaure
Copy link
Member

@aronerben thanks for your reply. I was just wondering if you can use a better mechanism, LOGIN seems highly risky to use. Can you try a connection with my draft? Only bad cases are missing but if you use a good username/password, you should able to send an email now with the LOGIN mechanism.

@aronerben
Copy link
Author

@dinosaure

Can you try a connection with my draft?

I haven't been able to get it to work, but I'm assuming I'm doing something wrong, I'll keep looking into it. But I just wanted to answer quickly:

I was just wondering if you can use a better mechanism

Yes, apparently, recently, AUTH NTLM was added. If you deem this to be better, we can also gladly use that. I just don't want the work you've already put in to be redundant :)

@aronerben
Copy link
Author

@dinosaure I found the problem, I had forgotten to change the mechanism while using STARTTLS :) The happy path works with LOGIN on your draft!

@dinosaure
Copy link
Member

Thanks for you feedback. I will cut a release as soon as I can 👍. About NTLM mechanism, we probably should make an other issue about that (and when I will have the time, I will try to implement it).

@aronerben
Copy link
Author

@dinosaure Thanks a bunch for your work 🎆 , I'll make the issue.

@aronerben aronerben mentioned this issue Nov 8, 2022
Open
dinosaure added a commit to dinosaure/opam-repository that referenced this issue Nov 30, 2022
@dinosaure
[new release] colombe, sendmail and sendmail-lwt (0.7.0)
8355736 
CHANGES:

- Implement the `LOGIN` mechanism when we want to send an email (@dinosaure, issued by @aronerben & @mabiede, mirage/colombe#60, mirage/colombe#61)
- Update the codebase with `ocamlformat` (@dinosaure, mirage/colombe#62, mirage/colombe#64)
@dinosaure dinosaure mentioned this issue Nov 30, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dinosaure @aronerben @mabiede