
classification
Title: smtplib.SMTP.ehlo method esmtp_features
Type: Stage:
Components: Library (Lib) Versions: Python 2.2
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: ghaering, loewis, pierslauder
Priority: normal Keywords:

Created on 2002-07-13 23:46 by pierslauder, last changed 2022-04-10 16:05 by admin. This issue is now closed.

Messages (10)
msg11567 - (view) Author: Piers Lauder (pierslauder) * (Python triager) Date: 2002-07-13 23:46
The ehlo() method in the smtplib class SMTP appears to incorrectly
handle the response from Eudora Internet Mail Server 3.1.3.

The response to the "EHLO" command is:

send: 'ehlo gemini.cs.usyd.edu.au\r\n'
reply: '250-webfactory.com.au hello gemini.cs.usyd.edu.au (129.78.111.139)\r\n'
reply: '250-EXPN\r\n'
reply: '250-PIPELINING\r\n'
reply: '250-8BITMIME\r\n'
reply: '250-BINARYMIME\r\n'
reply: '250-CHUNKING\r\n'
reply: '250-ENHANCEDSTATUSCODES\r\n'
reply: '250-ETRN\r\n'
reply: '250-AUTH CRAM-MD5 NTLM PLAIN LOGIN\r\n'
reply: '250-AUTH=LOGIN\r\n'
reply: '250 SIZE 2147483647\r\n'

which is then gathered into:

 ['webfactory.com.au hello gemini.cs.usyd.edu.au
(129.78.111.139)', 'EXPN', 'PIPELINING', '8BITMIME',
'BINARYMIME', 'CHUNKING', 'ENHANCEDSTATUSCODES',
'ETRN', 'AUTH CRAM-MD5 NTLM PLAIN LOGIN', 'AUTH=LOGIN',
'SIZE 2147483647']

which is then parsed into self.esmtp_features as:

 {'enhancedstatuscodes': '', '8bitmime': '', 'expn':
'', 'chunking': '', 'etrn': '', 'pipelining': '',
'size': '2147483647', 'auth': '=LOGIN', 'binarymime': ''}

Note that the two lines starting "AUTH" have been elided into the
one dictionary element 'auth':'=LOGIN'.

This prevents a subsequent call to the login() method from correctly
identifying a suitable authentication method, resulting in:

    raise SMTPException("No suitable authentication method found.")
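
The collapse reported above can be reproduced offline. This is an added example, not smtplib's code and not the patch discussed in this issue: `parse_naive` keeps one dictionary slot per keyword and so ends up with `'auth': '=LOGIN'`, while `parse_merging_auth` (a hypothetical name) accumulates the mechanisms from both AUTH spellings.

```python
import re

# EHLO reply lines copied from the trace in the report (greeting line omitted).
EHLO_LINES = [
    "EXPN", "PIPELINING", "8BITMIME", "BINARYMIME", "CHUNKING",
    "ENHANCEDSTATUSCODES", "ETRN",
    "AUTH CRAM-MD5 NTLM PLAIN LOGIN", "AUTH=LOGIN", "SIZE 2147483647",
]

KEYWORD = re.compile(r"[A-Za-z0-9][A-Za-z0-9\-]*")
OLD_AUTH = re.compile(r"auth=(.*)", re.IGNORECASE)


def parse_naive(lines):
    """One dict slot per keyword: a later line silently replaces an earlier one."""
    features = {}
    for line in lines:
        m = KEYWORD.match(line)
        if m:
            features[m.group().lower()] = line[m.end():].strip()
    return features


def parse_merging_auth(lines):
    """Read 'AUTH=mech ...' as another spelling of 'AUTH mech ...' and collect
    the mechanisms from every AUTH line, in order, without duplicates."""
    features, mechs = {}, []
    for line in lines:
        old = OLD_AUTH.match(line)
        m = KEYWORD.match(line)
        if old:
            names = old.group(1).split()
        elif m and m.group().lower() == "auth":
            names = line[m.end():].split()
        elif m:
            features[m.group().lower()] = line[m.end():].strip()
            continue
        else:
            continue  # not a keyword line
        for name in names:
            if name.upper() not in mechs:
                mechs.append(name.upper())
    if mechs:
        features["auth"] = " ".join(mechs)
    return features
```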

msg11568 - (view) Author: Martin v. Löwis (loewis) * (Python committer) Date: 2002-07-23 22:00

Can you please try the patch in

http://sourceforge.net/tracker/index.php?func=detail&aid=572031&group_id=5470&atid=305470

and report whether it solves this problem?
msg11569 - (view) Author: Piers Lauder (pierslauder) * (Python triager) Date: 2002-07-24 11:26

I tried the patch.

It gets me further - I now get "Syntax Error, not using
<cr><lf> as end of line."

Here's the trace:

resp: ['webfactory.com.au hello gemini.cs.usyd.edu.au
(129.78.111.139)', 'EXPN', 'PIPELINING', '8BITMIME',
'BINARYMIME', 'CHUNKING', 'ENHANCEDSTATUSCODES', 'ETRN',
'AUTH CRAM-MD5 NTLM PLAIN LOGIN', 'AUTH=LOGIN', 'SIZE
2147483647']
features: {'auth=login': '', 'enhancedstatuscodes': '',
'8bitmime': '', 'expn': '', 'chunking': '', 'etrn': '',
'pipelining': '', 'size': '2147483647', 'auth': 'CRAM-MD5
NTLM PLAIN LOGIN', 'binarymime': ''}
send: 'AUTH CRAM-MD5\r\n'
reply: '334
PDExODQ1NzY3NTctNjk3MjgzMDhAd2ViZmFjdG9yeS5jb20uYXU+\r\n'
reply: retcode (334); Msg:
PDExODQ1NzY3NTctNjk3MjgzMDhAd2ViZmFjdG9yeS5jb20uYXU+
send:
'cGllcnMlY29tbXVuaXR5c29sdXRpb25zLmNvbS5hdSAzOTU2NzVmYWUwZGUxZmQyN2I3MTRjNGQ5\nYzgzOWIwNQ==\r\n'
reply: '500 Syntax error, not using <cr><lf> as end of line\r\n'
reply: retcode (500); Msg: Syntax error, not using <cr><lf>
as end of line


Which doesn't make any sense, and is probably a server
problem, since I can see that each line sent _is_ terminated
with <cr><lf>.

So I consider the patch a (qualified) success.
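
The `send:` line in the trace above has a `\n` in the middle of the base64 text, ahead of the final `\r\n`. As an added example (not smtplib's code, and not part of this message), the following builds an RFC 2195 CRAM-MD5 response for the challenge shown in the trace and compares a base64 encoder that wraps at 76 characters with one that emits a single line; the user name and password are constructed.

```python
import base64
import hmac

# Challenge copied from the trace above; user and password are constructed.
CHALLENGE_B64 = b"PDExODQ1NzY3NTctNjk3MjgzMDhAd2ViZmFjdG9yeS5jb20uYXU+"
USER = "alice%mail.example.com.invalid"
PASSWORD = "constructed-password"


def cram_md5_response(user, password, challenge_b64):
    """RFC 2195 response before encoding: '<user> <hex HMAC-MD5 of challenge>'."""
    challenge = base64.b64decode(challenge_b64)
    digest = hmac.new(password.encode(), challenge, "md5").hexdigest()
    return f"{user} {digest}".encode()


def wire_line_wrapping(raw):
    """MIME-style encoding: a '\\n' is inserted after every 76 output characters."""
    return base64.encodebytes(raw).rstrip(b"\n") + b"\r\n"


def wire_line_single(raw):
    """Single-line encoding: the only line break is the terminating CRLF."""
    return base64.b64encode(raw) + b"\r\n"


def has_bare_lf(line):
    """True if the bytes contain an LF that is not part of a CRLF pair."""
    return b"\n" in line.replace(b"\r\n", b"")


if __name__ == "__main__":
    raw = cram_md5_response(USER, PASSWORD, CHALLENGE_B64)
    for name, encode in (("wrapping", wire_line_wrapping),
                         ("single-line", wire_line_single)):
        line = encode(raw)
        print(f"{name:12} bare LF: {has_bare_lf(line)}  {line!r}")
```

The 32-character hex digest plus a user name of 25 or more characters exceeds 57 raw bytes, which is the point at which a 76-column encoder starts a second line.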
msg11570 - (view) Author: Gerhard Häring (ghaering) * (Python committer) Date: 2002-08-06 06:56

Piers, could you please try my patch again? It contained a
very stupid bug (sent the username twice, but no password).
This seems unrelated to the error message your SMTP server
sent, but maybe it's worth a try.
msg11571 - (view) Author: Piers Lauder (pierslauder) * (Python triager) Date: 2002-08-07 05:01

I tried the second patch. It got the same problem with "AUTH 
CRAM-MD5" ("Syntax Error, not using <cr><lf> as end of 
line.") but then I tried forcing "AUTH LOGIN" (which I think is 
what your change applied to?) and that worked. Thanks!

So, I think the <cr><lf> problem is a bug on this particular 
smtp server, and I'm now happy because I can send mail to it 
using AUTH LOGIN (and the AUTH=LOGIN feature no longer 
causes a problem for smtplib.py)

The question is - should CRAM-MD5 be the preferred 
method?

I think the answer is yes as it is more secure, but perhaps a 
note could be installed somewhere to use LOGIN 
authentication if the <cr><lf> error occurs.
msg11572 - (view) Author: Gerhard Häring (ghaering) * (Python committer) Date: 2002-10-14 16:08

Maybe we should add an additional optional argument to the
login() method? Something like:

def login(user, password, method=smtplib.AUTH_CRAM_MD5)

?
msg11573 - (view) Author: Martin v. Löwis (loewis) * (Python committer) Date: 2002-10-14 18:37

I got the impression that the original problem reported has
been fixed. Is that impression incorrect?

If this is fixed, we should close this report. 

As for adding new parameters: I'd like to get a real-world
bug report first, which then should be tracked separately.

As for using CRAM-MD5: Correct me if I'm wrong, but doesn't
that require clear text passwords on the server, and thus
cannot be implemented on top of a /etc/passwd database? If
so, I wonder whether it is used in real life.
msg11574 - (view) Author: Gerhard Häring (ghaering) * (Python committer) Date: 2002-10-14 18:54

Yes, the original problem was that we didn't parse AUTH=
lines and this has been fixed.

Apparently the reason the current code doesn't work for
Piers is that his SMTP server has problems with CRAM-MD5
although it says that it'll understand CRAM-MD5.

I can think of two workarounds:
- the additional argument like I proposed
- smtp.login() tries the advertised auth methods until it
finds one that works. But I don't like such hacks, as they
make debugging problems even more difficult.

If anybody actually wants one of these, they should perhaps
file a feature request or a patch, so this one can be closed.

On your other question, I don't have access to a "real-life"
SMTP AUTH server except MS Exchange (of which we only
support LOGIN). You're right about not being able to use
/etc/passwd, but I believe most Unix MTAs support virtual
users, so this should not be a problem.
msg11575 - (view) Author: Piers Lauder (pierslauder) * (Python triager) Date: 2002-11-22 06:57

I think this item should be closed. It now works as far as
I'm concerned.

Just a note about CRAM-MD5 authentication. I've had a
similar "feature" request for imaplib, and after our
experience here, I decided to make it an explicit option.
I.e.: the invoker doesn't silently get CRAM-MD5 if available
via the default "login" method - they have to ask for it.
That way the invoker knows the status of protection for the
password.
msg11576 - (view) Author: Martin v. Löwis (loewis) * (Python committer) Date: 2002-11-22 07:55

Ok, closing it.
History
Date User Action Args
2022-04-10 16:05:30 admin set github: 36891
2002-07-13 23:46:16 pierslauder create