Mailing List Archive

recent CVE: EXTERNAL -> external?
Dear List

The official communication talks of "EXTERNAL auth": Is it meant for

driver = external

as mentioned under [1] or any external authentication like

driver = dovecot

and thus written capitalized? Or does EXTERNAL refer to something completely
different?

Thank you for clarification.

Regards, Adrian.


[1] https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_external_authenticator.html
Re: recent CVE: EXTERNAL -> external?
On 02/10/2023 13:44, Adrian Zaugg via Exim-users wrote:
> The official communication talks of "EXTERNAL auth": Is it meant for
>
> driver = external
>
> as mentioned under [1] or any external authentication like
>
> driver = dovecot
>
> and thus written capitalized? Or does EXTERNAL refer to something completely
> different?
>
> Thank you for clarification.

There are two concepts here:

a) the driver (a module within Exim),
which has the lowercase word as its label.

b) the ESMTP protocol word used to negotiate use of the feature.
Traditionally in all-caps.


For this one there's maximum confusion. The driver only handles the one method.
But the "plaintext" driver (for instance) handles both LOGIN and PLAIN methods.
--
Cheers,
Jeremy
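
Added example, not part of the thread and not Exim project code: a simplified Python parser that lists, for each instance in an Exim `authenticators` section, the driver (lowercase module name) and the mechanism keyword it advertises over ESMTP, so an administrator can see which of the two naming levels from the reply applies to their own configuration. The sample configuration is constructed; the parser ignores macros, includes and continuation lines, and relies on Exim's documented default that `public_name` falls back to the instance name.

```python
import re

# Constructed sample configuration (not taken from the thread).
SAMPLE_CONF = """\
begin routers
localuser:
  driver = accept

begin authenticators
plain_server:
  driver = plaintext
  public_name = PLAIN
login_server:
  driver = plaintext
  public_name = LOGIN
tls_cert:
  driver = external
  public_name = EXTERNAL
# no public_name set: Exim uses the instance name instead
CRAM-MD5:
  driver = cram_md5
"""

def authenticators(conf):
    """Map instance name -> {'driver', 'public_name'} for the authenticators section."""
    result, section, inst = {}, None, None
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"begin\s+(\S+)$", line)
        if m:  # a new configuration section starts
            section, inst = m.group(1), None
            continue
        if section != "authenticators":
            continue
        m = re.match(r"([A-Za-z0-9_-]+):$", line)
        if m:  # start of an authenticator instance
            inst = m.group(1)
            result[inst] = {"driver": None, "public_name": inst}
            continue
        m = re.match(r"(driver|public_name)\s*=\s*(\S+)", line)
        if m and inst:
            result[inst][m.group(1)] = m.group(2)
    return result

def mechanisms_by_driver(conf):
    """Group advertised mechanism keywords (upper-cased) by the driver behind them."""
    out = {}
    for a in authenticators(conf).values():
        out.setdefault(a["driver"], set()).add(a["public_name"].upper())
    return out
```

On the sample, the `plaintext` driver backs both PLAIN and LOGIN, while the `external` driver backs only EXTERNAL, matching the distinction drawn in the reply.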

