203785 - Can't send mails: already authenticated

Status: RESOLVED FIXED

(MailNews Core :: Networking: SMTP, defect)

Description

[PeTa]

User-Agent:       Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4b) Gecko/20030428
Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4b) Gecko/20030428

Alert: An error ocurred while sending mail. The mail server responded "you
already authentificated. Please verify that you emal adress.......

This error ocurred when I download and install the 26 april nightly build.
Before that all work right. The mail configuration is well and i can send mail
in outlook express.



Reproducible: Always

Steps to Reproduce:
only sending an email

Comment 1

[Christian Eyrich]

Hm, a little poor description but the message is interesting.
Did you try this again with a build from this month? What was the last good
build (was installed before 20030426)?

It would be very helpful to get a client side SMTP log. Please look here how to:
http://www.mozilla.org/quality/mailnews/mail-troubleshoot.html#imap

Is this a free server where everyone can get an account? In any case, the
address of this server would be useful too (if it's an official server connected
to the internet).

Comment 2

[PeTa]

Sorry. but I don`t speak english as well, and it's very dificult to me.

I don´t know the last build before this bug.
I try again with a new built l(two days later i think, but not of this month)

I can create one account to you but it isn't for everyone (the server) if you
want an account to view the bug tell me.

Comment 3

[PeTa]

with the nightly version of 5/5/2003 the error persist.
Server name: mail.ecocomputer.com

Comment 4

[Christian Eyrich]

Thanks to the test account I could find out what happens.

That is what happens (ordered by time):
220 the host's greeting you ESMTP
AUTH CRAM-MD5
334 PDMxODEwLjEwNTIyNTc4NjdAZWNvY29tcHV0ZXIuY29tPg==
bW96aWxsYUBpbmZvZnV0dXJvLmNvbSBlMzYwMDk0ZDlhZjM0ZDQ3YTU5OTJiNjNjNTc3OTNkYQ==
421 out of memory (#4.3.0)
535 auth failure
AUTH PLAIN AG1vemlsbGFAaW5mb2Z1dHVyby5jb20AbW96aWxsYQ==
235 go ahead
MAIL FROM<my@host.net>
250 sender ok

That is what Mozilla sees:
220 the host's greeting you ESMTP
AUTH CRAM-MD5
334 PDMxODEwLjEwNTIyNTc4NjdAZWNvY29tcHV0ZXIuY29tPg==
bW96aWxsYUBpbmZvZnV0dXJvLmNvbSBlMzYwMDk0ZDlhZjM0ZDQ3YTU5OTJiNjNjNTc3OTNkYQ==
421 out of memory (#4.3.0)
AUTH PLAIN AG1vemlsbGFAaW5mb2Z1dHVyby5jb20AbW96aWxsYQ==
535 auth failure
AUTH LOGIN bW96aWxsYUBpbmZvZnV0dXJvLmNvbQ==
235 go ahead
MAIL FROM<my@host.net>
503 you are already authenticated


So it's clear, Mozilla only awaits one response per command and thus reads only
one out. The 535 will be read in answer to PLAIN and so another mechanism is
tried a.s.o.

I've read through RFC 2821 and 2554 but couldn't find that sending two responses
to one command is prohibited. But nevertheless I'm convinced that's the server's
fault we can't handle.

Any suggestions are welcome.

Comment 5

[Matthias Versen [:Matti]]

*** Bug 210207 has been marked as a duplicate of this bug. ***

Comment 6

[maciej zawadzki]

I have the same problem on Linux (SuSE 8.1) with Mozilla 1.4 -- Mozilla 1.4
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624.

The mail server is qmail running on our internal network.  It requires
authentication.  Everything used to work fine in Mozilla 1.2 before I upgraded.
 Also, I have no problem sending from other email clients such as KMail.

Comment 7

[Christian Eyrich]

Maciej, did you enable CRAM-MD5 authentication when trying to connect with KMail?
If not, could you try this please?

Unfortunately I hadn't the possibility to test other applications with such a
buggy server.

Comment 8

[maciej zawadzki]

When I set the authentication to CRAM-MD5 in KMail, I can't send either.
<error>
Sending failed:
Authentication failed.
Most likely the password is wrong.
The server responded: "out of memory (#4.3.0) "
</error>

To get the send to work in KMail, I had to set the Authentication method to
PLAIN -- even though the KMail "Check What the Server Supports" button returned
CRAM-MD5.

Comment 9

[Christian Eyrich]

> When I set the authentication to CRAM-MD5 in KMail, I can't send either.

Ah, that's nice. So Mozilla isn't the only application having problems.
KMail (like Mozilla) thinks the server is CRAM-MD5-able because it explicitly
says so.

Not to know CRAM-MD5 or fail when trying isn't bad, but if the server answers
with two codes (besides the fact that 421 is illegal while authenticating
anyway) it's not surprising if the clients have problems.
The only thing you can blame Mozilla for is because you can't switch off
CRAM-MD5 at the moment.

But you should solve the servers problem resp. call the servers admin to do so
anyway.

Comment 10

[maciej zawadzki]

It's strange that in Mozilla 1.2.1 this was not a problem though.  I can send
emails via the same qmail server just fine using the 1.2.1 mail client.

Comment 11

[Christian Eyrich]

Oh, yes, I didn't explain this, sorry.
Versions < 1.4 were not able to do CRAM-MD5 and therefore never tried this even
the server advertised it. And so the server didn't run into it's erroneous
code/config.

I don't know if these buggy servers throw two errors each time something goes
wrong or only if it's there CRAM-MD5 code. But the root cause for the problem is
and will be the server.

Comment 12

[PeTa]

I can create a test acount if you want

Comment 13

[Christian Eyrich]

PeTa - thanks, but as you might remember I had a test account in May. That was
usefull to detect the problem and now I know the cause.

But I can't see a solution except making CRAM-MD5 switchable for those buggy
servers.

Comment 14

[PeTa]

I need a solution, in my work this is the only way to send mails and i have the
outlook express to send and the mozilla for download and read mails. It isn't
great :(

The admin of my server say "we don't have MD5 installed"

Comment 15

[Christian Eyrich]

> The admin of my server say "we don't have MD5 installed"

Oh, wow. I'd be very interested what he answers after showing him the servers
EHLO response:

220 ecocomputer.com ESMTP
ehlo test
250-ecocomputer.com
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN250-ecocomputer.com
250-PIPELINING
250-8BITMIME
250 SIZE 0

If the means, no MD5 encoder installed that might be true, but the server is
faulty nevertheless.

But Ok, I'll make a patch.

Comment 16

[Christian Eyrich]

Attachment: proposed patch

So here is a patch that adds a new boolean pref trySecAuth to the smtpserver
prefs.
Default is true so the behaviour is like now. But if you've a problem with the
server, add trySecAuth for this server and set it to false, resp. set the
default to false to switch it off for all servers.

In contrast to POP3 secAuth pref this doesn't switch exclusively between
unsecure/secure but (as the name says) defines if secure Authentication
(CRAM-MD5 at the moment) is tried. So even if true, PLAIN/LOGIN and none is not
off!

Comment 17

[David :Bienvenu]

+    *trySecAuth = true;

use PR_TRUE - other than that, it looks OK. Do you think we should add a UI to
the smtp server configuration to allow user to explicitly disable secure auth
like we have for the incoming servers?

Comment 18

[Christian Eyrich]

Attachment: patch v2

Here it is with the right boolean.

A UI, I don't think so. It's a workaround for really broken servers. In
contrast to POP3 SMTP has a fallback so failing CRAM-MD5 isn't that bad. Only
servers like the OP's with double answers or so need that kind of help.

Comment 19

[Scott MacGregor]

Comment on attachment 129810 [details] [diff] [review]
patch v2

note to self: land the mailnews.js change in thunderbird

Comment 20

[David :Bienvenu]

request 1.5b approval

Comment 21

[Asa Dotzler [:asa]]

Comment on attachment 129810 [details] [diff] [review]
patch v2

a=asa (on behalf of drivers) for checkin to Mozilla 1.5beta.

Comment 22

[David :Bienvenu]

fix checked in.

Comment 23

[neil@parkwaycc.co.uk]

I'm not sure you can actually add UI for a readonly attribute...

Comment 24

[Scott MacGregor]

I checked in the pref change for thunderbird too.