Just practicing to pass the Turing test.
| |||||||||||
| Developer for Hire! | |||||||||||
| |||||||||||
| addedValues Plugin | |||||||||||
| |||||||||||
| |||||||||||
| |||||||||||
| Join Now Login |
Using SMTP Authentication
When a mail agent, be it a mail client such as Eudora or a program such as Frontier, communicates with a mail server it uses a protoocl called SMTP. In the early days of the internet there was no unsolicited commercial junk mail, and no-one foresaw a need to verify that the sender was who they said they were. Now SPAM is a major problem, and many servers refuse to accept email unless its if from a trusted user account. The SMTP protocol was extended to allow authentication.
The sendmail suite supports a popular authentication method - CRAM-MD5. Each time Frontier initiates an exchange with a mail server it can declare its identity by effective logging onto the server. The account name and password are not related to the email account name, such as dbayly in my email address, but are assigned by the mail server administrator to Frontier.
Sendmail also supports a less secure method of authentication called LOGIN. LOGIN is not RFC qualified, but is used by some Microsoft Exchange mail servers so is quite popular. This code was contributed by Roland Tanglao (May 2003), who wants me to note that it was only lightly tested and only against Microsft Exchange 5.5.
These account names and matching passwords are stored in tables at user.sendmail.[mail server name].username and user.sendmail.[mail server name].password. They can only be edited by the server administrator.
If there is no table for a mail server, Frontier will not attempt SMTP authentication.
If a server does not support CRAM-MD5 or LOGIN authentication, Frontier will no attempt authentication.
The cryptographic function, called HMAC-MD5, is provided by the Crypto DLL from Andre Radke.