Exchange 2010 – AUTH PLAIN not supported


Exchange Server 2007/2010 does not support AUTH=PLAIN common method.

Exchange 2010 Support for RFC Standards

  • RFC: 3501 http://www.ietf.org/rfc/rfc3501.txt
  • Title: Internet Message Access Protocol – Version 4rev1
  • Updated by: 4466, 4469, 4551, 5032, 5182
  • Obsoletes: 2060
  • Exchange 2010 specific: Implemented by Exchange 2010 (AUTH=PLAIN not supported)

AUTH=PLAIN common method description:

  • “The mechanism consists of a single message from the client to the server. The client sends the authorization identity (identity to login as), followed by a US-ASCII NULL character, followed by the authentication identity (identity whose password will be used), followed by a US-ASCII NULL character, followed by the clear-text password. The client may leave the authorization identity empty to indicate that it is the same as the authentication identity.”
  • In other words, the correct form of the AUTH PLAIN value is ‘authiduseridpasswd’ where ” is the null byte.
  • After the client has sent the AUTH PLAIN command to the server, the server responds with a 334 reply code. Then the username and password are sent from the client to the server. The username and password are combined to one string and BASE64 encoded. Although the keyword PLAIN is used, the username and password are not sent as plain text over the Internet they are always BASE64 encoded.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s