Closed
Bug 73693
Opened 23 years ago
Closed 3 years ago
Secure SMTP server needs proprietary authentication, not asking for authentication
Categories
(MailNews Core :: Networking: SMTP, defect)
Tracking
(Not tracked)
RESOLVED
WORKSFORME
People
(Reporter: sheelar, Unassigned)
Details
Attachments
(1 file)
Buildid: 2001-03-23-10 on MAC 9.0.4 While I was verifying bug 64777 found out Mac was not coming up with a password dialog while sending message using SMTP server that needs password to send message. I was using secure poisonivy server which requires a password to send the message. When I compose a message from the browser menu item- file/new->message, compose and send a message should result in prompting with the password dialog to send the message.
Reporter | ||
Comment 1•23 years ago
|
||
change qa contact->myself, cc esther, John Myers.
QA Contact: esther → sheelar
Comment 3•23 years ago
|
||
I'd like to confirm this bug under a 2001 build from October 30-31. I noticed the problem against an Exim server. Mozilla recognizes the STARTTLS response to the EHLO command, but ignores any AUTH response after starting the TLS session. Mozilla *may* work correctly if the server issues a "4xx MUST AUTH" connection, but my server doesn't and instead refuses to relay because the user is not authenticated.
Reporter | ||
Updated•23 years ago
|
QA Contact: sheelar → junruh
Comment 4•23 years ago
|
||
A protocol telemetry log would be most helpful. setenv NSPR_LOG_MODULES SMTP:5 in a debug build would suffice.
Comment 5•23 years ago
|
||
Upping to critical. Changing OS to all (I'm on win2k). Nominating for 0.9.8 inclusion, and for nsbeta1. Did this work in Comm. 4.x? This prevents MSN ISP subscribers who use email accounts other than their msn.com account from using Mozilla mail, thus, migrating them to non Mozilla mail clients, or over to msn.com email accounts. This means that netscape webmail via the Mozilla email client will not work if MSN is your ISP. MSN recently started blocking outbound port 25 messages destined for smtp servers *other* than their own (smtp.email.msn.com). See http://www.zdnet.com/zdnn/stories/news/0%2C4586%2C5080821%2C00.html for reference. That means, that if you're using Mozilla mail with a non MSN account, and MSN is your ISP, you either need to stop using your non MSN account, or you need to configure your client to use smtp AUTH w/ secure passwords. This configuration process is described here http://supportservices.msn.com/us/content/qanda/qa_emailsecurity.htm#emailsecurity_outlook_98_or_2000 . You'll note that MSFT is obviously using this as an opportunity to point out that you should exclusively be using Outlook. You can extrapolate the instructions to Mozilla mail, but, because of this bug, it does you no good as we don't every try to AUTH with the server. I'll attatch my an SMTP log what illustrates the broken interraction. The instructions also suggest you use "Secure Password Authentication." I'm not sure if that's different from SSL, but, I suspect it is considering if I tell Mozilla mail to use SSL to connect w/ the smtp.email.msn.com smtp server using SSL, it will not connect. So, I believe we have another bug that would require impl of "Secure Password Authentication".? In this specific case, using Outlook, I don't actually have to check that checkbox. Leaving it unchecked in Outlook I'm still able to send mail; that's another issue though.
Comment 6•23 years ago
|
||
Comment 7•23 years ago
|
||
The attached log shows the server advertising only the "MSN" SASL authentication mechanism. This mechanism isn't registered with IANA, which makes it nonconforming. The mechanism also is nonstandard and (as far as I know) undocumented. This is clearly anticompetitive behavior on the part of the server implementor. The server is clearly locking out SMTP clients other than their own. There is nothing Mozilla can do.
Comment 8•23 years ago
|
||
Perhaps Mozilla could throw up a dialog box stating that the server has locked us out. One problem is that there is no algorithmic way to detect whether a particular unrecognized authentication mechanism is nonstandard or whether it is standard but merely not supported by Mozilla.
Comment 9•23 years ago
|
||
No question that the behavior is anti-competative. I think there are two bugs here: this one, and the one you and I site (the proprietary PWD auth mechanism). I was able to use Outlook Express w/ out the Secure Pwd Auth turned on (although they implied it was required). I think we need to fix this bug and at least send over the uname and pwd. If we can't do that, then let's remove the prefs dialog UI for it; which is obviously misleading.
Comment 10•23 years ago
|
||
The feature works just fine on servers that are standards-compliant; it can't be removed.
Comment 11•23 years ago
|
||
huh? I don't know IMAP, but, I don't see any attempt in that log I posted on Moz mail's part to send a username to what appears to be a std IMAP command comming from the server "AUTH". Is that "AUTH" non-standard? Again, I think there are two issues here; someone prove otherwise please.
Comment 12•23 years ago
|
||
Mozilla cannot send a username and password to smtp.email.msn.com because that server does not advertise either of the password-based authentication mechanisms Mozilla supports. Similarly, Mozilla cannot send a client cert to a server that doesn't advertise the capability to do SSL. Password authentication is in the base spec for IMAP, but SMTP AUTH is is an SMTP extension. AUTH is standards track, but is not required to be implemented. Even if AUTH is implemented, there is no particular required mechanism. See RFC 2554.
Comment 13•23 years ago
|
||
The log you posted is SMTP, not IMAP.
Comment 14•23 years ago
|
||
Right, I meant to say SMTP, thanks for the clarification. Do I hear a WONTFIX resolution for this bug?
Comment 15•23 years ago
|
||
Correcting Summary, closing WONTFIX.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → WONTFIX
Summary: Secure SMTP sever needs authentication to send, not asking for authentication → MSN SMTP sever needs proprietary authentication, not asking for authentication
Comment 16•23 years ago
|
||
hmm, I'm not sure that's the right summary, other people have reported this problem w/ other servers too (servers that would suprise me if they were using the MS proprietary model as well; I think there's still another bug here :-) ).
Comment 17•23 years ago
|
||
Problems with other servers need to be filed separately, complete with telemetry log.
Comment 18•23 years ago
|
||
reverting the settings to pre-Judson keywords and nominations. Moving back to Mac OS only. Judson's issue is with the proprietary MSN protocol and we ended up incorrectly hijacking this bug for that issue. While his issue looks to be a won't fix we haven't looked into the original bug report which has nothing to do with MSN SMTP servers. We still need a log on the mac of the original situation to start looking at that.
Severity: critical → major
Status: RESOLVED → REOPENED
Keywords: mozilla0.9.8,
nsbeta1
Resolution: WONTFIX → ---
Summary: MSN SMTP sever needs proprietary authentication, not asking for authentication → Secure SMTP sever needs proprietary authentication, not asking for authentication
Comment 20•22 years ago
|
||
Seing same behaviour with Mozilla 1.2.1 (built on Yellow Dog Linux 2.3 from mozilla-1.2.1-0_rh7.srpm) and postfix-tls (postfix 1.1.11+tls0.7.15-0.woody1) package in Debian Stable (woody). Gave SASL option "noplaintext" to disable all plaintext authentication methods. When this option is in force Mozilla will _not_ authenticate, with or without TLS. EHLO AUTH string looks like this: 250-AUTH DIGEST-MD5 CRAM-MD5 GSSAPI 250-AUTH=DIGEST-MD5 CRAM-MD5 GSSAPI Once I enable plaintext passwords again Mozilla authenitcades as soon as TLS has been started. The EHLO AUTH string now looks like this: 250-AUTH DIGEST-MD5 LOGIN PLAIN CRAM-MD5 GSSAPI 250-AUTH=DIGEST-MD5 LOGIN PLAIN CRAM-MD5 GSSAPI Fortunately I can disable AUTH outside TLS so that plaintext passwords are a viable alternative. My preferences are as follows: user_pref("mail.smtp.defaultserver", "smtp1"); user_pref("mail.smtpserver.smtp1.auth_method", 1); user_pref("mail.smtpserver.smtp1.hostname", "smtps.langfeldt.net"); user_pref("mail.smtpserver.smtp1.port", 465); user_pref("mail.smtpserver.smtp1.try_ssl", 2); user_pref("mail.smtpserver.smtp1.username", "janl"); user_pref("mail.smtpservers", "smtp1,smtp1"); A interesting feature is the repitition of the same smtp server twice, also in the GUI. But this seems harmless.
Comment 21•21 years ago
|
||
This seems to be an old bug that has been addressed. It has either been fixed by version 1.4b or is addressed by one or more of the following bugs: bug 150212, bug 154099, bug 155172, bug 190775, bug 202148, bug 204371 . I say it should be closed.
Comment 22•21 years ago
|
||
This is my first bug files, please excuse and errors or omissions. My provider, Verizon, allows 4 email addresses. I set up 4, using the advanced outgoing server (SMTP) settings, to create 4 outgoing servers so that I could assign the unique userid/password to emails sent from each account, which is required by Verizon. This worked fine for several months for both incoming and outgoing mail. However about a week ago when I tried to send an email from one of the accounts I received 'sending of message failed - The message could not be sent because connecting to SMTP server outgoing.verizon.net failed. The server may be unavailable or refusing SMTP connections. Please verify that your SMTP connection server setting is correct and try again, or else contact your network administrator' I contacted Verizon and all was O.K. their end, I am still able to use the email address using Verizon's website. I can also receive emails on my local machine, but cannot send. The other 3 addresses can send and receive. I tried installing 1.4 again. I also tried deleting and setting up the account again. I read on one sight that multiple SMTP's could be problematic. I am running W98 on a Pentium 3.
Comment 23•20 years ago
|
||
This bug is still there. Since 4 month now I´m using Opera to send my mails. I have 3 mail accounts all at different domains. For none of them sending a mail works. error message: An error occurred while sending mail. The mailserver responded: 5.7.1 <myemail@gmx.de>... Relaying denied. Please verify that your email address is correct in your Mail preferences and try again. I completely removed my Mozilla (1.5) and installed a new version (1.6) but that did not help. When I switched to Oprea for sending mails I got an error message with the same errorcode as above (5.7.1) but with the authentication it worked then (for all three accounts). Unfortunately Mozilla doen´t ask for a password and there is no way to set one (in the SMTP settings one can only set a username but no password). Please fix this. Like this the Mozilla mail client is useless. system: WindowsXP SP1
Comment 24•20 years ago
|
||
Mozilla can't implement an undocumented, proprietary mechanism. There isn't a much better response for it to take than to try sending the mail anyway. Suggest WONTFIX
Comment 25•20 years ago
|
||
In "Mail account settings -> Outgoing Server (SMTP) Settings" one can select a checkbox called "use name and password" and then enter a "user name". BUT THERE IS NO FIELD FOR THE "PASSWORD"!!! That is the problem. Opera asked me for the authentication password, Mozilla does not! When all this is "an undocumented, proprietary mechanism", why do I have the options in the settings to turn it on and specify a user name? And why do other email clients can do it?
Comment 26•20 years ago
|
||
(In reply to comment #25) > In "Mail account settings -> Outgoing Server (SMTP) Settings" one can select a > checkbox called "use name and password" and then enter a "user name". BUT THERE > IS NO FIELD FOR THE "PASSWORD"!!! That is the problem. > > Opera asked me for the authentication password, Mozilla does not! > > When all this is "an undocumented, proprietary mechanism", why do I have the > options in the settings to turn it on and specify a user name? And why do other > email clients can do it? antx: Have you possibly changed your password at some point before this stopped working? If so, mozilla is probably sending the wrong password. You are correct that there is no way to enter the password in the Preferences dialog. But the first time you try and send, Mozilla will prompt for the password. It will only do this if there is no saved password for the server. To check if there is a saved password, go to Tools->Password Manager->Manage Saved passwords and then scroll down the list until you see entries beginning with 'smtp://'. If you see your server and username that is not working, try deleting them and then try and send a mail message. Kevin
Comment 27•20 years ago
|
||
Kevin: yes, I checked this. There is no SMTP password stored in my password manager. I even removed all passwords from the manager, but Mozilla never asked for a password for the SMTP authentication after that either. Before this stopped working I never needed a password for authentication. It was from one day to another that it stopped. Only with Opera I figured that the authentication was the problem (Mozilla's error message was not quite helpful). Thanx anyway for your response!
Comment 28•20 years ago
|
||
antx: A log file with an attempt to send a message would be very helpful. See http://www.mozilla.org/quality/mailnews/mail-troubleshoot.html -- Use SMTP instead of IMAP when setting variables, e.g. ENV:NSPR_LOG_MODULES=SMTP:5 Also, your settings in Opera that work would be advantageous. Kevin
Comment 29•20 years ago
|
||
This may sound strange now, but I got it to work, even if I don´t understand it. That's what I did: - set NSPR_LOG_MODULES=SMTP:5 and set NSPR_LOG_FILE=c:\temp\mylog.txt and start mozilla - composed a mail and tried to send it: without success. - quit mozilla and checked the logfile: two SMTP servers where mentioned there both for diferent accounts. - I started mozilla again, removed in the SMTP-settings->Advanced the one SMTP-server that I was not using in this test. - composed another mail and tried to send it: without success. - I quit mozilla and started mozilla again, composed another mail and tried to send it: and now I got the request for a password. I typed my PW and the mail was sent out. I put the other SMTP-server in again (and removed the PW from the PW-manager) just to test if this was really it, but I got the request for the password again. Unfortunately the logfile from the first test got overwritten and since I now get the password request my new logfile is most likely useless. (btw. my other two email accounts work now as well... very weird)
Updated•20 years ago
|
Product: MailNews → Core
Updated•19 years ago
|
Assignee: mscott → nobody
Status: REOPENED → NEW
QA Contact: esther
Updated•19 years ago
|
Summary: Secure SMTP sever needs proprietary authentication, not asking for authentication → Secure SMTP server needs proprietary authentication, not asking for authentication
Assignee | ||
Updated•16 years ago
|
Product: Core → MailNews Core
Updated•16 years ago
|
QA Contact: networking.smtp
Comment 30•3 years ago
|
||
WFM per comment 29
Status: NEW → RESOLVED
Closed: 23 years ago → 3 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•