Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexey Shumkin2015-10-19 14:48:51
System administration
Alexey Shumkin, 2015-10-19 14:48:51

SMTP issues 334 UGFzc3dvcmQ6 in response to MAIL FROM. How correct in terms of RFC?

Our software has functionality for sending files by e-mail. For this, SMTP components from the OverbyteICS package are used. The other day, one of the software users sent an error, saying that the mailing does not go through.
From the SMTP log you can see

SMTP component (c) 1997-2008 Francois Piette V6.18
Open mail server (:25).
Response: 220 ... Microsoft ESMTP MAIL Service ready at Fri, 16 Oct 2015 11:11:52 +0300
Command: EHLO FWD
Response: 250-... Hello [....]
Response: 250-SIZE 20971520
Response: 250-PIPELINING
Response: 250-DSN
Response: 250-ENHANCEDSTATUSCODES
Response: 250-STARTTLS
Response: 250-AUTH LOGIN
Response: 250-8BITMIME
Response: 250-BINARYMIME
Response: 250 CHUNKING
Command: AUTH LOGIN
Response: 334 VXNlcm5hbWU6
Command:
Response 334 VXNlcm5hbWU6
Command:
Response: 334 VXNlcm5hbWU6
RequestDone: Error=334 Open (smtpOpen)
Command: MAIL FROM:<....>
Response: 334 UGFzc3dvcmQ6
RequestDone: Error=334 Mail (smtpMail)

it can be seen that the server supports LOGIN-authentication
, the component we use, seeing that the server supports authentication, tries to use it unconditionally,
however, the login and password are not set by the user, since they claim that anonymous sending is also possible - the server is its own, internal
, however, on an empty the login server asks for it again and again: 334 VXNlcm5hbWU6
after (apparently three unsuccessful attempts) the component sends a MAIL FROM command, and here is the most interesting thing: the server asks for a password: 334 UGFzc3dvcmQ6

according to RFC2554
If an AUTH command fails, the server MUST behave the same as if
the client had not issued the AUTH command

however, strictly speaking, the AUTH command has not ended yet))
do you think this is a server bug? in the RFC about MAIL FROM:
If accepted,
the receiver-SMTP returns a 250 OK reply.

there is no word about errors (I didn’t see it)

and who knows, maybe this bug has already been fixed? it can be seen that the SMTP server is from Microsoft, but the version is unknown to me (so far; I asked the user, but will they answer - xs)

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexey Shumkin, 2015-10-22
@ashumkin

I didn’t have to go into the component,
just for Auth the AutoSelect behavior type was specified, which means “select the type of authorization that is supported by the server (according to its response to EHLO)
now if the login is not set, then None is used (do not use authentication), otherwise - just as it was - AutoSelect

Similar questions
C
ciedooy2017-10-03 16:23:14
How to proxy all traffic between two VDS? 2Reply
C
Cyril2020-02-21 19:24:37
Is L2TP secure without IPSec? Compared to PPTP? 4Reply
I
Ilya Miroshnichenko2017-10-05 08:39:59
How to monitor certificate expiration dates? 1Reply
1
1qq9qq2020-02-24 04:23:57
Why there are no programs with a console interface on android? 5Reply
N
Nikita2020-02-25 17:46:58
How to set up transparent Squid for a pair with Mikrotik? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question