MSN authentication not supported using SMTP

RESOLVED FIXED

Status

--
enhancement
RESOLVED FIXED
16 years ago
10 years ago

People

(Reporter: dposey, Assigned: ch.ey)

Tracking

Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

(Reporter)

Description

16 years ago
User-Agent:       Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Build Identifier: Mozilla Thunderbird 0.3 (20031013)

MSN requires their own flavor or authentication.  SMTP reports only "250-AUTH 
MSN" as an option (and you must authenticate to send mail).

POP mail also fails to authenticate.

Reproducible: Always

Steps to Reproduce:
1. smtp.email.msn.com
2. try to send mail




Google tells me that MSN authentication is the same as NTLM authentication, so 
if true, that might help with implemetation.

Comment 1

16 years ago
Well, in that case it should be bug 200436. But then we would have to recognize
'AUTH MSN', and route it to the NTLM implementation.

Updated

16 years ago
Depends on: 200436
(Reporter)

Comment 2

15 years ago
I created a filter that allows Thunderbird to use MSN servers:

dposey.no-ip.com/proxy
(Assignee)

Comment 3

15 years ago
Created attachment 143268 [details] [diff] [review]
proposed patch

Unfortunately enabling the use of "AUTH MSN" isn't as easy as proposed in
comment #1. We don't only have to recognize MSN in the EHLO/AUTH response but
the MSN keyword has also to be used in the AUTH command. So we need a separate
flag for MSN to carry the state around.

For POP3 it's nevertheless quite easy.

But for SMTP adding MSN is much like adding a completely different
authentication.
That's because Microsoft did it again. They not only ignore RFC 2821 and the
initial response argument, but implement the same authentication mechanism (MSN
*is* NTLM) with another keyword another way.
As Daniel found out while trying a simple SMTP patch from me, when using MSN
the server only accepts a three step procedure, 1. "AUTH MSN", 2. sending
initial NTLM string, 3. sending credentials in NTLM string.

In contrast NTLM keyword without initial response parameter does not appear to
work properly with Exchange server (according to
http://davenport.sourceforge.net/ntlm.html#ntlmSmtpAuthentication) ...

I took this patch as opportunity to make some more changes regarding the naming
of SMTP states and functions to generalize the two resp. three steps of
authentication. That's because AuthLoginUsername() and AuthLoginPassword()
started to not only do (or do even the contrast) what their names say some time
ago.
Assignee: sspitzer → ch.ey
Status: UNCONFIRMED → ASSIGNED
(Assignee)

Updated

15 years ago
OS: Windows XP → All
Hardware: PC → All
(Assignee)

Updated

15 years ago
Attachment #143268 - Flags: review?(bienvenu)

Comment 4

15 years ago
Comment on attachment 143268 [details] [diff] [review]
proposed patch

style nit: Can you make this "else if ()", i.e., on the same line?

	 else
+	 if(TestFlag(SMTP_AUTH_MSN_ENABLED))
+	   // if MSN enabled, clear it if we failed. 
+	   ClearFlag(SMTP_AUTH_MSN_ENABLED);
+	 else
	 if(TestFlag(SMTP_AUTH_PLAIN_ENABLED))

Also, can you add a comment about the non-standard things microsoft is doing?
Attachment #143268 - Flags: review?(bienvenu) → review+

Comment 5

15 years ago
btw, thx for doing this, Christian!
(Assignee)

Comment 6

15 years ago
Of course I can put else and if on the same line. But all other are two liners
in AuthLoginResponse(). I'll change all for the final patch.

> Also, can you add a comment about the non-standard things microsoft is doing?

Well, to use three steps isn't non-standard. To fail when initial response
parameter (two steps) is used is non-standard. I'll modify the comment to
AuthLoginStep0().

And thanks to Daniel for testing and modifying my initial patch.
(Assignee)

Comment 7

15 years ago
Created attachment 143292 [details] [diff] [review]
patch with little layout changes

This addresses comment #4.
(Assignee)

Updated

15 years ago
Attachment #143268 - Attachment is obsolete: true

Comment 8

15 years ago
Comment on attachment 143292 [details] [diff] [review]
patch with little layout changes

thx
Attachment #143292 - Flags: review+
(Assignee)

Updated

15 years ago
Attachment #143292 - Flags: superreview?(mscott)

Updated

15 years ago
Attachment #143292 - Flags: superreview?(mscott) → superreview+

Comment 9

15 years ago
fix checked in for Christian.
Status: ASSIGNED → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → FIXED
Product: MailNews → Core

Updated

12 years ago
Depends on: 383076
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.