On Tue, 06 May 2008 12:44:38 +0200 Sebastian Hagedorn <Hagedorn@xxxxxxxxxxxx> wrote: > Hi, > > --On 4. Mai 2008 13:10:43 +0200 CHCNET Consulting <office@xxxxxxxxxx> > wrote: > > > I've patched the ntlm plugin, to support also Outlook 2007, which > > uses a slightly different approach to authenticate. All Outlook > > versions prior to 2007 using a two-stage method: first they try to > > authenticate with the username and windows domain instead of the > > maildomain (which of course doesn't work, unless we have in our > > sasdb user@NTDOMAIN). Outlook 2007 changed this method to > > username@xxxxxxxxxxxxxxx I.e. the NTLM auth is sent with username > > and client domain, where client domain is finally correctly our > > email domain! > > I don't use Outlook or even Windows personally, so I'm a bit clueless > about these things, but: I run a mail server with many users that > have that combo. We allow NTLM among other SASL methods. So I'm > interested in that patch, but I'm confused. I haven't heard any > complaints from Outlook 2007 users so far. The reason may be that > they don't use NTLM, I'm not sure. There have been complaints, > however, from Vista users. I've been told that Vista requires NTLMv2 > by default. I assume that the plugin only doies NTLMv1? Or is that > perhaps a misunderstanding? That is correct, NTLMv2 is the default for Vista. There is a short article regarding NTLMv2 and Microsoft here: http://technet.microsoft.com/en-us/magazine/cc160954.aspx > BTW, I just checked again and found that the issue appears to be with > SMTP, not with IMAP. We run sendmail with the same SASL libs, though. > > Cheers, Sebastian -- Gerard gerard@xxxxxxxxxxxxx Take your Senator to lunch this week.
Attachment:
signature.asc
Description: PGP signature
