Broken kio_smtp
Marc Mutz
Marc.Mutz at uni-bielefeld.de
Thu Apr 10 23:50:58 BST 2003
On Thursday 10 April 2003 20:47, you wrote:
<snip>
> Actually there are two servers, non of them works. I don' know if it
> helps you, but their names are mail.zappmobile.ro and
> smtp.virtualartisans.com.
<snip>
Eureka! You're witness of the bug that I've fixed:
> from HEAD: [SECURITY] Don't silently bypass authentication if we're
> asked to use it and the server doesn't support any mechanisms.
So the answer is:
1. Your servers don't support SMTP-AUTH _at all_
2. The old slave simply didn't tell you this. You've always used
non-authenticated connections and you were never told.
Good news: The old slave never sent your password over the net.
Bad news: The new one does, as long as you force it to try AUTH PLAIN.
Marc
--
If privacy is outlawed, only outlaws will have privacy.
-- Phil Zimmermann
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20030411/b63ea508/attachment.sig>
More information about the kde-core-devel
mailing list