Re: ISP demands mail-send= authenticated ?

References: <AeydnQa9YO3oY3DenZ2dnUVZ_tadnZ2d@is.co.za>

> news@absamail.co.za wrote:
> > Suddenly [without prior warning] my mail-sends fail
> > for lack of 'authentication' !
> >
> > The ISP 'help-desk' tells me how to set-it-up under M$-outsp00k.
> > And fortunately when I bought my last IDE, I told them to put
> > windows on the first 1GB partition. So I was able to confirm that
> > with W98-outsp00k, set for 'send authenticate enabled', my
> > email gets-out.
> >
> > Q - is mail-send authentication a common requirement these days ?
> > Being in 3rd-world S.Africa I'd expect this to occur only once it
> > becomes standard practice in 1st world. I suspect that I may be
> > 'watched' by the authorities because I'm un-pee-cee.
>
Robert Harris <robert.f.harris@blueyonder.co.uk> wrote:
> Yes, it is common. It is to prevent others sending emails using your
> facilities.
>
Well since M$/ Outsp00k just uses the already existing/known
data - probably pop3's ID & password - can't the hackers just
use the Tx-authentication which is already setup for them ?
> >
> > My newest linux installation is FC1 and its emailer X..n..
> > has send-authentication setup capabilities.
> > But it's got several authentication-types to select from.
> > I selected "PLAIN", which is not 'good' and apparently
> > doesn't mean 'plain', but rather p.l.a.i.n. ?!
>
> You probably need to send a user name (which is your full email name
> e.g. chisr@absamail.co.za) and password (which is probably the same as
> your POP3/IMAP password). The normal authentication method is PLAIN.
>
> If you want to read about it, RFC2554 tells you about SMTP
> authentication generally and RFC2595 about PLAIN authentication.
>
> If you have a problem, let us know what program you are setting up.
>
Yes I've got a BIG problem.
Which 'type' of smtp-authentication to use is not a technical question;
it's a marketing question: use what M$/ Outsp00k uses.
I've already wasted plenty time searching/testing my various
linux installations, and now I don't refind the 'mailer' which
had the drop-down-menu of several smtp-authentication
types, including PLAIN.
I really didn't want to investigate RFCs just to post my mail.

> Robert
>
> >
> > How the hell can I know what to select to 'follow' the
> > M$hit setting which works ?
> >
In the real world you have to submit to using M$ or
at least following their trend ?

Apart from the official RFCs, someone/organisation
should publish "how to be compatible with M$".

Thanks,

== Chris Glur.

news@absamail.co.za writes:

> Yes I've got a BIG problem.
> Which 'type' of smtp-authentication to use is not a technical question;
> it's a marketing question: use what M$/ Outsp00k uses.
> I've already wasted plenty time searching/testing my various
> linux installations, and now I don't refind the 'mailer' which
> had the drop-down-menu of several smtp-authentication
> types, including PLAIN.
> I really didn't want to investigate RFCs just to post my mail.

Just telnet to port 25 on the mail server and see what authentication
methods in advertizes.

Here's an example with hotmail:

Connected to mx2.hotmail.com.
Escape character is '^]'.
220 bay0-mc10-f5.bay0.hotmail.com Sending unsolicited commercial or bulk
e-mail to Microsoft's computer network is prohibited. Other restrictions are
found at http://privacy.msn.com/Anti-spam/. Violations will result in use of
equipment located in California and other states. Sun, 12 Feb 2006 15:21:34
-0800
EHLO email-scan.com
250-bay0-mc10-f5.bay0.hotmail.com (3.1.0.18) Hello [216.254.115.84]
250-SIZE 29696000
250-PIPELINING
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-AUTH LOGIN
250-AUTH=LOGIN
250 OK


This tells you that hotmail accepts the LOGIN authentication method.

But generally you don't need to know this. Whatever you're using to send
mail should automatically determine the authentication method the mail
servers wants, and use it automatically. If you have explicitly tell your
software to use a specific method, your mail software is stupid.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQBD78Nyx9p3GYHlUOIRAseOAJ40jvBlaDeukTSsLxHxMn atyiHsmACfSl70
SwonvVqETPnUlv0f6jUCtLc=
=U4qz
-----END PGP SIGNATURE-----