On Tue, Jun 26, 2001 at 07:05:40PM +0530, Koti wrote:
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_041B_01C0FE72.FDDDEB00"
NEVER post text/html -- any email with HTML in it goes into
junk folder for processing if I have no better things to do...
( I use "TEXT/HTML" is signature characteristics of SPAM! )
Hi,
In RFC 2554 - SMTP service extension for authentication, in AUTH command
mentioned that "the client should send EHELO command after successful SASL
negotioation which results in the negotiation of a security layer."
Questions:
1. client should give EHLO if it wants extended SMTP service then server
gives"250 - ..." as a reply after that client will give one auth
mechanisam and conversatioin goes depending on authentication method.
why client needs to give EHLO as first command after SASL negotiation?
Just like with STARTTLS, after successfull authentication the server
may enable extensions which are not normally available for everybody.
Also, some extentions may get disabled when authentication is done.
2. If it supposed to give EHLO after successful SASL negotiation,
How server differentiate whether that command is before SASL negotiatioin
or after negotiation?
The server can keep state internally -- indeed it MUST keep state
for several basic SMTP protocol details, adding this is trivial.
3. In authentication protocol exchange server chalenge, known as ready
response is a 334 reply with the text part containing Base64 encoded string,
Client answer consitsts Base64 encoded string.
what this string?
How client validate that string?
That depends on the details of the particular authentication
mechanism.
4. when exactly CRAM or some other auth mechanisam should start?
a) make (TCP) connection
b) see 220 greeting
c) do first EHLO greeting
d) see capabilities reports (including AUTH)
d2) Do STARTTLS, if capabilities show it, and do its EHLO greeting
(continuing presuming the AUTH capability exists..)
e) do AUTH
f) do EHLO greeting again to see then current capabilities
g) continue with message transmission
Thanks in advanse,
- Koteswara Rao
Ph: 040 6513274 Extn: 8842
JUNO online services Dev Pvt Ltd.
GPR building, Begumpet,
Hyderabad, India
--
/Matti Aarnio <mea(_at_)nic(_dot_)funet(_dot_)fi>