SMTP AUTH for MAC OSX Mail.app
Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=5796
Printed Date: 27 December 2024 at 1:11pm
Topic: SMTP AUTH for MAC OSX Mail.app
Posted By: atifghaffar
Subject: SMTP AUTH for MAC OSX Mail.app
Date Posted: 14 September 2006 at 9:22am
|
Hello all, Has anyone a solution for Mac OSX's Mail.app SMTP authentication. It does not support the LOGIN mechanism. Is is possible to add PLAIN also as a mech? thanks in advance ------------- best regards Atif |
Replies:
Posted By: atifghaffar
Date Posted: 16 September 2006 at 2:56pm
|
hasnt anyone seen this one yet? I have to setup another server to handle these clients. I would prefer if there is only one point of entry. thanks in advance for some ideas. ------------- best regards Atif |
Posted By: WebGuyz
Date Posted: 26 February 2007 at 1:35pm
|
Aaarrrrggghhhh. Just implemented Auth Login and had no idea how many MAC users I had. All are failing Auth Login. Did this ever get resolved??? using passwd file method and not LdAP.
Thanks! ------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 26 February 2007 at 10:58pm
|
Atif, WebGuyz, We apologize, we missed this posting. Just today with WebGuyz's last entry we realized the problem. SpamFilter only supports the LOGIN SASL mechanism, we don't support the "PLAIN". We've just attempted to add PLAIN to the current beta of SpamFilter Enteprise. If either of you would like to use it before we release it, please contact us by email. ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: WebGuyz
Date Posted: 27 February 2007 at 12:28am
|
Roberto, Don't know if I'm wigging out but a few of the mac users are doing auth login succesfully, at least thats what the SFI log says. The others I have whitelisted their office IP's. Not sure why some are working (or appear to be) I'm not a mac person and have idea on how to even turn one one. Mac are much to complicated for me ;-) Don't have one here to test with. Will try to rope one of my Mac users into doing some testing tomorrow. Curious if others out there in SFI land have MAC's successfully using Auth Login (password file) Thanks! ------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 27 February 2007 at 11:30am
|
It's possible that the ones *not* working are older clients that do not support the "LOGIN" method of using the AUTH command (which is the most common one.. .strange they would not support it). In any case, we did add the "PLAIN" one in our current internal beta, and it will thus be available from the next beta we release.... ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: WebGuyz
Date Posted: 27 February 2007 at 3:58pm
|
What happens when using PLAIN? Do I still use my DES encrypted passwd list or do I have to create a separate one for my MAC users that does not have encrypted passwords? What does a PLAIN authentication file look like? I had a choice of using LDAP instead of the passwd file, but the file was so much easier (didn't have to learn LDAP ;-). I may have to go to LDAP if this gets too messy with the MACS. ------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 27 February 2007 at 4:11pm
|
Nothing changes on your end. The PLAIN is just simply another way for the SMTP client to specify the username/password combination to the SMTP server (SpamFilter in this case). The end result, being the user's ID and password, remain the same. You can still use LDAP, AD, and/or Unix passwd files to authenticate them, nothing changes there.
------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: WebGuyz
Date Posted: 27 February 2007 at 7:53pm
|
Great! How much longer before SFE becomes an official release? Weeks? Days? Is there anything special that has to be done if I install SFE today and tell it to work in standard mode? Will it pickup the current quarantine DB I have and go? Do I install it like I did previous versions, copy the exe's in to the spamfilter directory and crank it up?
------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 27 February 2007 at 8:02pm
As far as we know, judging from the bug reports (or lack of... ) the beta seems very stable. For the past month or so the issues were only with the GUI functionality, not with the performance and/or crashes.We may bring out of beta the current 3.5.3.651 and release it as a release canditate (we'll include the AUTH PLAIN addition in the RC) within a few days. The only thing slowing down the official release right now is the fact that we're updating the documentation and the website. For the update, as usual we tried to make everything as easy as possible... Yes, simply overwrite the executables as usual. The new 3.5 version will make quite a few changes in the SpamFilter.ini file, moving some settings from there to separate ini file, but this will all happen automatically (right now SpamFilter is not making a backup of the SpamFilter.ini file, we'd recommend you do that manually). SpamFilter will then un SFI (standard) mode without intervention. To user SFE, you'll also need to copy the two additinoal sql scripts from the database directory. If you upgrade using the installation program, all this will happen automatically. ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: LogSat
Date Posted: 27 February 2007 at 10:54pm
|
FYI - we've just released beta 652 which has the new AUTH PLAIN support. This is the only change since the previous beta.
------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: WebGuyz
Date Posted: 07 March 2007 at 4:57pm
|
So at the Mac end, what type of authentication do they use? My choices are None, or Password.
Thanks! ------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 07 March 2007 at 10:48pm
|
...well, no authentication should revert to "basic" SMTP without using the AUTH extensions, and thus without authentication. If you specify "password" that should allow them to specify username/password, and hopefully the new AUTH PLAIN will work with older Mac clients. ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: WebGuyz
Date Posted: 08 March 2007 at 9:55am
|
Didn't seem to help. I finally had to set up a port for the MAC users and had my firewall redirect it to the SmarterMail server and there they could connect and authenticate. Here is the conversation from Smartermail to my Mac User; 08:38:12 [xx.xx.xx.xx][26824636] cmd: EHLO [xx.xx.xx.xx] Here is the conversation using debug view between the Mac and SFE version you uploaded: >>EHLO [xxx.xx.xx.xx] <<250-AUTH=LOGIN <<250-8BITMIME <<250-SIZE 35840000 <<250 HELP It seems like the Mac doesn't know what to do so it disconnects. No more conversation after SFE sends its info.
------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 08 March 2007 at 11:10am
|
That is really odd, as it shows that the client is indeed using the AUTH LOGIN command, and not the AUTH PLAIN. What I do see is that you configured SpamFilter to output an incorrect line in the EHLO response, the one that says "AUTH=LOGIN" This was added to support buggy clients, but is invalid: ;Some older email clients have a bug that requires them to see "AUTH=LOGIN" in the EHLo response rather than "AUTH LOGIN". Set this to 1 to add the incorrect syntax to the EHLO output AddIncorrectAUTHLOGINEHLOEntry=0 Can you try to go back to the default (which disables the incorrect output) to see if that helps? ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: WebGuyz
Date Posted: 08 March 2007 at 12:51pm
|
The reason I added that was because of this problem and thought maybe it would help. Will try removing it and see if I can talk a Mac user into trying this. They are all mad at me right now ;-) ------------- http://www.webguyz.net |
Posted By: WebGuyz
Date Posted: 08 March 2007 at 2:50pm
|
Roberto, My apologies for jumping the gun. The test case works fine after I removed the option: AddIncorrectAUTHLOGINEHLOEntry=1 What screwed me up was that this entry does not work until you start/stop SF. I was troubleshooting my Mac issue and during the course of troubleshooting made the change above but did not restart SF, thinking that it would get picked up by the regular check of spamfilter.ini like all the other option changes. Not so. What happened was my customers were at first having problems and I made that change and then I started getting reports that the MAC's were working! I thought the above change made the difference!! More then likely it was arp cache or something like that. That night we did some OS patches and had to reboot the server. next day, all the Macs were broken again. What I did not realize is that the reboot forced SF to start using the above option and 'broke' the MAC's. After I removed it today and realized that it was not changing until I restarted did it dawn on me what happened. What was worse was I came across that old post about MAC's not working and made the wrong assumptions. Sometimes I think I'm my own worst enemy ..... ------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 08 March 2007 at 4:08pm
|
Darn, that actually is practically the *only* setting in SpamFilter that requires a restart of SpamFilter (with the exception of the listening IP/port, unless changed via the GUI)... Sorry! I thought I had documented that somewhere... ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: WebGuyz
Date Posted: 08 March 2007 at 4:49pm
You probably did. You should update that info on that option and mention that if they use it their Mac's will stop working.  ------------- http://www.webguyz.net |
Posted By: jemmie
Date Posted: 28 April 2007 at 12:31pm
|
Hi all, I still have a problem to send mail from a mac with mail.app. When I send mail the log file from SFI show only the next two line: 04/28/07 17:02:33:189 -- (8448) Connection from: XX.XX.XX.XX - Originating country : Netherlands The debug view shows the next lines: >>EHLO [XX.XX.XX.XX] <<250-AUTH LOGIN PLAIN <<250-8BITMIME <<250 HELP When I try on the same mac to send mail from entourage there is no problem. I am using version 3.5.3.662 in standard mode. The version of the mac os is also the latest, 10.4.9, and mail.apps is version 2.1 Is there a difference between the enterprise mode and the standard mode that can cause this or does anyone have any other suggestion Thanks already, |
Posted By: WebGuyz
Date Posted: 28 April 2007 at 10:13pm
|
250-AUTH LOGIN CRAM-MD5 250 OK I believe the issue is the bolded above. This is what I get when my MAC's attempt to login to our Smartermail server and are successful. I don't think it was PLAIN that needed to be added, but rather CRAM-MD5. But I don't know for sure...
------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 28 April 2007 at 10:46pm
|
We not support CRAM-MD5 yet, sorry...
------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |