Closed Bug 223318 Opened 20 years ago Closed 20 years ago
MSN authentication not supported using SMTP
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Build Identifier: Mozilla Thunderbird 0.3 (20031013) MSN requires their own flavor or authentication. SMTP reports only "250-AUTH MSN" as an option (and you must authenticate to send mail). POP mail also fails to authenticate. Reproducible: Always Steps to Reproduce: 1. smtp.email.msn.com 2. try to send mail Google tells me that MSN authentication is the same as NTLM authentication, so if true, that might help with implemetation.
Well, in that case it should be bug 200436. But then we would have to recognize 'AUTH MSN', and route it to the NTLM implementation.
I created a filter that allows Thunderbird to use MSN servers: dposey.no-ip.com/proxy
Unfortunately enabling the use of "AUTH MSN" isn't as easy as proposed in comment #1. We don't only have to recognize MSN in the EHLO/AUTH response but the MSN keyword has also to be used in the AUTH command. So we need a separate flag for MSN to carry the state around. For POP3 it's nevertheless quite easy. But for SMTP adding MSN is much like adding a completely different authentication. That's because Microsoft did it again. They not only ignore RFC 2821 and the initial response argument, but implement the same authentication mechanism (MSN *is* NTLM) with another keyword another way. As Daniel found out while trying a simple SMTP patch from me, when using MSN the server only accepts a three step procedure, 1. "AUTH MSN", 2. sending initial NTLM string, 3. sending credentials in NTLM string. In contrast NTLM keyword without initial response parameter does not appear to work properly with Exchange server (according to http://davenport.sourceforge.net/ntlm.html#ntlmSmtpAuthentication) ... I took this patch as opportunity to make some more changes regarding the naming of SMTP states and functions to generalize the two resp. three steps of authentication. That's because AuthLoginUsername() and AuthLoginPassword() started to not only do (or do even the contrast) what their names say some time ago.
Assignee: sspitzer → ch.ey
Status: UNCONFIRMED → ASSIGNED
Comment on attachment 143268 [details] [diff] [review] proposed patch style nit: Can you make this "else if ()", i.e., on the same line? else + if(TestFlag(SMTP_AUTH_MSN_ENABLED)) + // if MSN enabled, clear it if we failed. + ClearFlag(SMTP_AUTH_MSN_ENABLED); + else if(TestFlag(SMTP_AUTH_PLAIN_ENABLED)) Also, can you add a comment about the non-standard things microsoft is doing?
Attachment #143268 - Flags: review?(bienvenu) → review+
btw, thx for doing this, Christian!
Of course I can put else and if on the same line. But all other are two liners in AuthLoginResponse(). I'll change all for the final patch. > Also, can you add a comment about the non-standard things microsoft is doing? Well, to use three steps isn't non-standard. To fail when initial response parameter (two steps) is used is non-standard. I'll modify the comment to AuthLoginStep0(). And thanks to Daniel for testing and modifying my initial patch.
This addresses comment #4.
Comment on attachment 143292 [details] [diff] [review] patch with little layout changes thx
Attachment #143292 - Flags: review+
Attachment #143292 - Flags: superreview?(mscott) → superreview+
fix checked in for Christian.
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.