| Dart Home | PowerTCP Mail for ActiveX | Custom Development | Reply | PowerTCP Mail for ActiveX Topics | Forums |
| Author | Forum: PowerTCP Mail for ActiveX Topic: Mailtool and RFC 2554 |
| User179 Posts: 10 Member Since: 03/12/02 |
posted March 12, 2002 6:55 PM First, our ACT!/Mail Merge tool worked with just about everything we threw it at (thanks to Dart). Then, Exchange users started having problems with secure login. Now, it's happening almost everywhere. Here's a sample of mail I just got: -------------------------------------------product: Mail Merge version: 2.11 issue: My Cable ISP requires SMTP verification. Your program has no check box for it. So we swithched to yahoo e-mail. Now yahoo requires SMTP verification. So we swithced to www.runbox.com Now as of March 7, 2002 Runbox also requires SMTP verification! Help! We are unable to use your program! ------------------------------------------- that about sums it up. We've put together a "throw the mail in the Outlook Outbox" solution, but that was what we were trying to avoid by using Dart in the first place. Any plans here, or do we need to look for a new control? |
K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted March 13, 2002 9:19 AM Hi, The Smtp.Login method includes parameters for Username and Password. Have you tried setting these parameters? (If they are not available to you, please get the updated controls: http://www.dart.com/downloads/update.exe ) -ken K M Drake Dart Tech Support |
| User179 Posts: 10 Member Since: 03/12/02 |
posted March 13, 2002 2:08 PM We do support the SMTP username/password. What appears to be happening is more people are being required to check the "Log on using Secure Password Authentication" or "My server requires authentication" in Outlook Account setup. When this happens, Dart stops working. We are using the latest DLLs. It's possible we're missing something here, but it would be nice to get a clear statement from you guys of what sorts of Outlook Account setups do work and don't work and how to call Dart to support the various settings. |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted March 13, 2002 3:40 PM Hi, Secure Password Authentication uses Microsoft's proprietary NTLM authentication scheme. We have looked into supporting it in the past, but Microsoft does not provide an API or any information for authenticating against the scheme (most likely to ensure a Microsoft client like Outlook Express is needed to get your email). So we do not support it. Sorry, -ken K M Drake Dart Tech Support |
| User179 Posts: 10 Member Since: 03/12/02 |
posted March 15, 2002 4:35 PM OK, I'm getting more educated about this. It appears that the thing we're missing is support for RFC 2554: SMTP Authentication. I don't see that listed in the RFCs supported by Mailtool, and it isn't a Microsoft proprietary thing. Yahoo, for example, just started requiring this type of Authentication. there's a good background article at: http://www.sendmail.net/rfc2554.shtml thanks. jake |
| K M Drake From: Utica, NY USA Posts: 3406 Member Since: 07/14/00 |
posted March 15, 2002 5:31 PM Hi Jake, Thanks for the link. I have sent the link to the product manager to look at. -ken K M Drake Dart Tech Support |
| User182 Posts: 1 Member Since: 03/17/02 |
posted March 17, 2002 8:55 PM Hi, Ken, Are you able to give us any ideas of a workaround or whether support for RFC2554 is likely in the Dart control? The company I work for needs to embed SMTP/POP e-mail into the flagship application. Many of the intended users of this module will be using Yahoo accounts. I've spent a considerable amount of time evaluating various SMTP/POP controls and decided that Dart offered the best components in terms of speed, functionality & price. However, this problem may force me to reconsider. I hope to hear good news from you... - Phil |
| N/A | posted March 17, 2002 10:26 PM It's probably possible to get around this problem using the .Command method. I've successfully logged into an Exchange server using "AUTH LOGIN". It prompts you for username and password, you supply these in base64 and everythings fine: SMTP.Command = "AUTH LOGIN", strReply '* strReply = "VXNlcm5hbWU6" ' ("Username:") SMTP.Command = "bXl1c2VybmFtZQ=", strReply '* myusername '* strReply = "UGFzc3dvcmQ6" ' ("Password:") SMTP.Command = "bXlwYXNzd29yZA=", strReply '* mypassword '* strReply = "235 2.7.0 Authentication successful." Of course, this only answers AUTH LOGIN, I don't know what "AUTH GSSAPI" or "AUTH NTLM" might want. Is anyone able to comment on this? - Phil |
Alex Gladshtein From: Rome, NY USA Posts: 131 Member Since: 12/27/00 |
posted March 18, 2002 10:21 AM Hello Phil, I am the Product Manager. I have been following this thread and we do have an internal CRAM MD-5 library in our product, but we only used it for POP. We are currently looking at extending it to SMTP. If you can send me an email directly, I can have a beta sent to you. One of the developers is currently looking at extending the library as I write this. With respect to basic AUTH LOGIN, I am not sure why that doesn't work with Exchange. It should. We are looking into that. There should be no reason to use the Command method as the product is intended to support that functionality. I will have it checked against our test Exchange server to see if we can reproduce the problem. Thanks, Alex |
| User179 Posts: 10 Member Since: 03/12/02 |
posted March 19, 2002 9:20 AM I'm here to apologize. The day I wrote the "anchor" note, we had been doing a ton of support for people that our product was getting SMTP errors. It turns out Yahoo has changed their settings, and this is happening more and more at various ISPs (in addition to Port 25 blocking, which is another nightmare). Dart: please reach into your database and change the title on this note stream to "mailtool and RFC 2554". You've got a good product here and I don't want to cost you any sales. Here's what I've learned: Yahoo now requests "AUTH=LOGIN PLAIN". What I learned last night is that Dart DOES support this. Yahoo has changed (recently, I guess) from requiring POP Login verification to Authentication verification. (and I think it fails if you leave POP Login turned on - not sure about this point). Here's the details: http://www.nwoods.com/act/support.asp?technote=15&product=swmmm&version=3.1 My commitment to you, folks at Dart, is that I will get good feedback to you about what sorts of "AUTH" requests we are seeing in the hopes that you can add support for any that you don't support. I'd also like to request NTLM support for Exchange again. This has cost us several sales, to the point that I'd be willing to pay more for a "Mailtool Enterprise" edition that had the support. (One possible workaround here is to wire the Dart API to CDOSYS, which is only provided on Windows 2000 & XP. If I could flip a bit which said "Use CDO / Use SMTP" that would save me recoding my application for CDO.) Jake |
| N/A | posted March 19, 2002 10:19 AM I'm taking a look at Yahoo and trying to figure out what has changed with their authentication mechanism. They have not changed their list of supported authentication types from AUTH Login (for SMTP), which means they are not in compliance with the standard. Exchange sends back the same supported list, and we work with it. Any documentation you could provide on this would be appreciated. 2554 refers to CRAM-MD5, which requires that the server send a salt value for the hash, AND that the server add CRAM-MD5 to their list of supported authentication mechanisms. Yahoo does neither (they just send "Username:" and "Password:"). About NTLM: NTLM is not an open standard, and Microsoft only seems to provide support through its own high-level internet communication APIs, which would signficantly diminish our flexibility. If you know where we could find low-level support for this, a specification for the standard, or even a non-Microsoft (preferably small) application that supports NTLM, that would help. Steven Ross Dart Development |
| User179 Posts: 10 Member Since: 03/12/02 |
posted March 19, 2002 2:19 PM OK, you asked... http://razor.bindview.com/publish/advisories/adv_NTLMSSP.html http://msdn.microsoft.com/library/default.asp?url=/library/en-us/com/security_9qgg.asp http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q180548& |
| Reply | PowerTCP Mail for ActiveX Topics | Forums |
This site is powered by
PowerTCP WebServer for ActiveX
|