BorlandTalk.com Borland discussion newsgroups   Archives   FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in  SMTP AUTH          BorlandTalk.com Forum Index -> Delphi Internet Winsock View previous topic :: View next topic   Author Message Matt Ryan Guest Posted: Sun Apr 18, 2004 12:36 am    Post subject: SMTP AUTH I have written a simple smtp client using sockets. The mail server I am communicating with requires authentication, assuming I know the username and password how should I format these into a string the server will recognise. The server response to EHLO Matt is: 250-mail.jerseymail.co.uk Hello Matt [217.42.211.41], pleased to meet you 250-SIZE 10485760 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN 789189kw21732332418155 250-XRCPTLIMIT 100 250-XAUD 789189kw21732332418155 0.9 250 HELP Which form of AUTH should I use? Thanks Matthew Ryan Back to top Ben Hochstrasser Guest Posted: Sun Apr 18, 2004 12:47 am    Post subject: Re: SMTP AUTH Matt Ryan wrote: Quote: Which form of AUTH should I use? Login. Then the server will then prompt for username and password, and that whole dialogue runs base64-encoded. Plain is (AFAIK) the same as a browser login (base64-encoded username-dot- password) Of course, either is insecure, so once that works you may look into one of the MD5 logins (-> RFC) Synapse (http://www.ararat.cz/synapse) has a nice pop3 client. Look there how Lukas is doing it. (I'd assume Indy and ICS aren't fundamentally different) -- Ben Back to top Remy Lebeau (TeamB) Guest Posted: Sun Apr 18, 2004 5:57 am    Post subject: Re: SMTP AUTH "Matt Ryan" <matthewryan (AT) jerseymail (DOT) co.uk> wrote Quote: The mail server I am communicating with requires authentication, assuming I know the username and password how should I format these into a string the server will recognise. Have you read the official RFCs for the SMTP protocol yet? They explain everything you need to know. Please read the following RFCs for more details: RFC 2821, http://www.ietf.org/rfc/rfc1869.txt RFC 2554, http://www.ietf.org/rfc/rfc2554.txt Quote: Which form of AUTH should I use? The AUTH line of the EHLO response tells you exactly what you have to use. The server's response that you have shown is telling you that you have 4 different AUTH types that the server supports which you can choose from: AUTH LOGIN AUTH DIGEST-MD5 AUTH CRAM-MD5 AUTH PLAIN Since you have several options available to you, simply choose the one that you are most comfortable working with, depending on your actual needs. You can refer to http://www.krkeegan.com/smtp_auth/ for some basics of how AUTH LOGIN, AUTH PLAIN, and AUTH CRAM-MD5 work, and also look at RFC 2195 (http://www.ietf.org/rfc/rfc2195.txt) for how the CRAM-MD5 algorithm works. Sorry, I don't have any information available on how AUTH DIGEST-MD5 works. Gambit Back to top Remy Lebeau (TeamB) Guest Posted: Sun Apr 18, 2004 6:01 am    Post subject: Re: SMTP AUTH "Ben Hochstrasser" <bhoc@surfeu123^H^H^H.ch> wrote Quote: Plain is (AFAIK) the same as a browser login (base64-encoded username-dot-password) That is not true. First off, browsers don't support SMTP. Second, no base64 is involved at all, hense the name "PLAIN". Third, the username and password are not sent together at all, but are sent separately. Please see my other reply. Gambit Back to top Ben Hochstrasser Guest Posted: Sun Apr 18, 2004 8:14 am    Post subject: Re: SMTP AUTH Remy Lebeau (TeamB) wrote: Quote: Plain is (AFAIK) the same as a browser login (base64-encoded username-dot-password) That is not true. First off, browsers don't support SMTP. I meant "similar to a browser who authenticates with a web server". Quote: Second, no base64 is involved at all, hense the name "PLAIN". Sorry Remy: From http://www.technoids.org/saslmech.html "If a PLAIN or LOGIN mechanism is negotiated, the client sends his/her user name and password to the server in plain text (base64 encoded)." Quote: Third, the username and password are not sent together at all, but are sent separately. Please see my other reply. Did you ever ever telnet into an SMTP server and checked what happens when you say "AUTH PLAIN" or "AUTH LOGIN"? http://www.technoids.org/saslmech.html#appA -- Ben Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First         BorlandTalk.com Forum Index -> Delphi Internet Winsock All times are GMT Page 1 of 1   Jump to: Select a forum C++ Builder Newsgroups----------------C++ BuilderC++ Builder (ActiveX)C++ Builder (Announcements)C++ Builder (Command Line Tools)C++ Builder DatabasesC++ Builder Databases (ADO)C++ Builder Databases (Desktop)C++ Builder Databases (InterBase Express)C++ Builder Databases (Multi-Tier)C++ Builder Databases (SQL Servers)C++ Builder (Graphics)C++ Builder (IDE)C++ Builder (Internet)C++ Builder (Internet Socket)C++ Builder (Internet Web)C++ Builder (Jobs)C++ Builder (Language)C++ Builder (Language C++)C++ Builder (Compatibility with MFC)C++ Builder (Native API)C++ Builder (Non-Technical)C++ Builder (Students)C++ Builder (Third Party Tools)C++ Builder (Upgrade)C++ Builder (VCL)C++ Builder (VCL Components Usage)C++ Builder (VCL Components Development)C++ Builder (VCL Usage)C++ Builder (WinAPI)C++ Builder Installation Delphi Newsgroups----------------Delphi (General)Delphi ActiveX Controls UsageDelphi ActiveX Controls DevelopmentDelphi As400Delphi DatabasesDelphi Databases (ADO)Delphi Databases (dbExpress)Delphi Databases (Desktop)Delphi Databases (InterBase Express)Delphi Databases (Multi-Tier)Delphi Databases (SQL Servers)Delphi DeploymentDelphi GraphicsDelphi IDEDelphi InternationalizationDelphi InternetDelphi Internet Isapi-WebBrokerDelphi Internet WebSnapDelphi Internet WinsockDelphi JobsDelphi Language BASMDelphi Language ObjectPascalDelphi Model Driven Architecture (General)Delphi Model Driven Architecture (Third Party)Delphi MultimediaDelphi Native APIDelphi Non-TechnicalDelphi ObjectPascalDelphi OLE AutomationDelphi OO designDelphi OpenToolsAPIDelphi Reporting-ChartingDelphi RTLDelphi StudentsDelphi TeamSourceDelphi Thirdparty ToolsDelphi Thirdparty Tools (General)Delphi Thirdparty Tools (IntraWeb)Delphi Thirdparty Tools (RaveReports)Delphi UpgradeDelphi VCLDelphi VCL ComponentsDelphi VCL Components UsingDelphi VCL Components WritingDelphi WebServices SOAPDelphi WinAPIDelphi XMLDelphi Installationcomp.lang.pascal.delphi.components.misccomp.lang.pascal.delphi.components.usagecomp.lang.pascal.delphi.components.writingcomp.lang.pascal.delphi.databasescomp.lang.pascal.delphi.misccomp.sources.delphi JBuilder Newsgroups----------------JBuilderJBuilder AnnouncementsJBuilder Applet IssuesJBuilder As400JBuilder CompilerJBuilder CORBA/RMIJBuilder DatabasesJBuilder DB SwingJBuilder DebuggerJBuilder DeploymentJBuilder DocumentationJBuilder EnterpriseJBuilder HandheldJBuilder IDEJBuilder JavaJBuilder JavaAPIJBuilder Java LanguageJBuilder Java SwingJBuilder Java BeansJBuilder Java Beans UsageJBuilder Java Beans DevelopmentJBuilder JBCLJBuilder JDataStoreJBuilder JobsJBuilder LinuxJBuilder MacintoshJBuilder & MobileSetJBuilder MultiLingual AppsJBuilder Non-TechnicalJBuilder OpenToolsJBuilder Servlets (JSP)JBuilder StudentsJBuilder Team DevelopmentJBuilder Thirdparty ToolsJBuilder UpgradeJBuilder Installation InterBase Newsgroups----------------InterBaseInterBase Bug DiscussionInterBase GeneralInterBase IBConsoleInterBase OpenSourceInterBase ReplicationInterBase SQLInterBase ThirdpartyInterBase Installation Miscellaneous Borland Newsgroups----------------AppCenterAppServerEnteraVisiBroker  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Powered by phpBB © 2001, 2006 phpBB Group SEO toolkit © 2004-2006 webmedic.