Auteur: Fred Viles Date: À: exim-users Sujet: Re: [exim] "503 AUTH command used when not advertised" problem
On 1 Sep 2004 at 11:55, Chad Leigh -- Shire.Net LLC wrote about
"Re: [exim] "503 AUTH command used w":
| On Sep 1, 2004, at 12:38 AM, Peter Savitch wrote:
|
| > EHLO (not HELO) must be given by client before AUTH.
and after STARTTLS.
| > That is, AUTH command could not be used unless advertised (through
| > EHLO,
| > according to auth_advertise, etc). This behavior was hardened in Exim
| > 4.20 and is not an option.
| >
| > First, check you confs once again for correct advertising.
|
| It advertises it and the client does an EHLO but then the client tries
| a HELO so something is not working in the conversation or something.
A successfull STARTTLS resets the session as if it were a new
connection (which it is, in a sense). The EHLO and response from
that preceded the STARTTLS negotiation are not applicable any more.
After successfull negotiation, the server returns a new welcome
banner and the client sends a fresh HELO/EHLO.
Your client is choosing to send HELO instead of EHLO. That is not in
exim's control.
| The client works fine when the TLS stuff is not running
Because it sends EHLO before STARTTLS.
| and it works
| fine using the same exim conf talking to another server I have with
| TLS.
What version of exim is running on that server? 4.10?
I see you're running 4.22 on the upgraded system. Peter already
mentioned that, prior to 4.20, exim would honor an AUTH request even
if it hadn't advertised it.
| It is related to my upgrade somehow, even though the exim
| installation was not touched in the upgrade.
Hmmm. Question your assumptions.
| Here is a complete debug run from the server side showing what is going
| on.
