Closed
Bug 201724
Opened 23 years ago
Closed 23 years ago
CRAM-MD5 smtp authentication failure repeats forever
Categories
(MailNews Core :: Networking: SMTP, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: david, Assigned: Bienvenu)
Details
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQH025668: --- 220 2.0.0 Ready to
start TLS
Apr 11 19:36:34 hotmale sm-mta[25668]: STARTTLS=server, get_verify: 0 get_peer: 0x0
Apr 11 19:36:34 hotmale sm-mta[25668]: STARTTLS=server, relay=david@hb
[10.0.0.6], version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128
Apr 11 19:36:34 hotmale sm-mta[25668]: STARTTLS=server, cert-subject=, cert-issuer=
Apr 11 19:36:34 hotmale sm-mta[25668]: AUTH: available mech=ANONYMOUS CRAM-MD5
DIGEST-MD5 LOGIN PLAIN NTLM OTP, allowed mech=DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQH025668: <-- EHLO blue-labs.org
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: milter=Bmilter,
action=helo, continue
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: ---
250-hotmale.blue-labs.org Hello david@hb [10.0.0.6], pleased to meet you
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-ENHANCEDSTATUSCODES
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-PIPELINING
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-EXPN
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-VERB
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-8BITMIME
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-SIZE
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-DSN
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-ETRN
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-AUTH DIGEST-MD5
CRAM-MD5 LOGIN PLAIN
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250-DELIVERBY
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 250 HELP
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: <-- AUTH CRAM-MD5
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 334
asdfasdfasdfNzMuOTkxNjg2NEBob3RtYWxlLmJsdWUtbGFicy5vcmc+
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 535 5.7.0
authentication failed
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: AUTH failure (CRAM-MD5):
user not found (-20) SASL(-13): user not found: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: <-- AUTH CRAM-MD5
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 334
asdfasdfasdfNi45OTE2ODY0QGhvdG1hbGUuYmx1ZS1sYWJzLm9yZz4=
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 535 5.7.0
authentication failed
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: AUTH failure (CRAM-MD5):
user not found (-20) SASL(-13): user not found: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: <-- AUTH CRAM-MD5
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 334
asdfasdfasdfNzguOTkxNjg2NEBob3RtYWxlLmJsdWUtbGFicy5vcmc+
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 535 5.7.0
authentication failed
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: AUTH failure (CRAM-MD5):
user not found (-20) SASL(-13): user not found: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: <-- AUTH CRAM-MD5
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 334
asdfasdfasdfNzYuOTkxNjg2NEBob3RtYWxlLmJsdWUtbGFicy5vcmc+
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 535 5.7.0
authentication failed
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: AUTH failure (CRAM-MD5):
user not found (-20) SASL(-13): user not found: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: <-- AUTH CRAM-MD5
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 334
asdfasdfasdfNC45OTE2ODY0QGhvdG1hbGUuYmx1ZS1sYWJzLm9yZz4=
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: mysql plugin couldnt connect to any host
Apr 11 19:36:34 hotmale sm-mta[25668]: no secret in database
Apr 11 19:36:34 hotmale sm-mta[25668]: h3BNaWQI025668: --- 535 5.7.0
authentication failed
This cycle will repeat indefinitely. I noticed it because I don't have backend
support in SASL for CRAM-MD5 finished yet, but the bug here is Mozilla has no
loop check.
|
||
Comment 3•23 years ago
|
||
Noticed this also in 1.4a and since with our smtp server at MozillaNews.org.
with help from our admin, Atlee, we determined it was cram-MD5, and then I found
this bug. So _something_ is going on...
|
Assignee | |
Comment 4•23 years ago
|
||
would it be possible for me to get an account on that smtp server for testing
purposes?
thx, - David
|
|
||
Comment 5•23 years ago
|
||
Actually, yeah, I'm qute sure Atlee will do that. I'll talk with her, and email
you the login info.
Further info. The authentication loop will stall after a little while. It
appears that Mozilla just won't do anything further.
Maybe Moz could detect the authentication failure, try the next weaker
mechanism, then ask for the password again. Alternatively, Moz could detect the
failure, display the error message to the user with a dialog that asks if the
user wants to try a different mechanism or re-enter the password.
...sticky, problematic, etc. However there isn't any way for the user to tell
moz to try a different mechanism if the user feels the site administrator's
setup is broken.
|
|
||
Comment 7•23 years ago
|
||
David, I've set you up a shell/email account on the server for testing purposes
and sent you the details.
|
|
Assignee | |
Comment 8•23 years ago
|
||
fix checked in - patch in bug 201778
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
|
||
Updated•21 years ago
|
Product: MailNews → Core
|
||
Updated•17 years ago
|
Product: Core → MailNews Core
You need to log in
before you can comment on or make changes to this bug.
Description
•