ELOG

Demo Discussion

Forum Config Examples Contributions Vulnerabilities

Discussion forum about ELOG

Not logged in

Back | Find | Login | Help

more fun with SMTP and authentication...., posted by Topher Congdon on Mon Jan 26 18:52:56 2009

Re: more fun with SMTP and authentication...., posted by Stefan Ritt on Tue Jan 27 09:03:22 2009

Message ID: 66175 Entry time: Tue Jan 27 09:03:22 2009 In reply to: 66170

Icon:

Author:

Stefan Ritt

Author Email:

stefan.ritt@psi.ch

Category:

Question

OS:

Windows

ELOG Version:

2.7.5-2168

Subject:

Re: more fun with SMTP and authentication....

> For authentication via the Windows IIS I have "basic authentication" with no TLS encryption required - I'm 
> not sure if that meets the provider's "SMTP authentication" requirement.  When I was using the previous version 
> of ELOG (sorry, I did not note the version number) the username was encrypted along with the password.  With 
> the 2168 build, the password is still encrypted but the usernamer is not; should the password be in "plain 
> text" as well?  

I changed only the screen output. The username is printed not not encrypted, to be able to check it by eye. The 
username sent over the network is and was always encrypted.

The only clue I have is to compare the network traffic you get with an email client (outlook, thunderbird ??) 
with the network traffic you get from elogd. To monitor the traffic, I use normally WireShark (formerly Ethereal, 
www.wireshark.org). You have to filter for "tcp.port == 25" which is SMTP, then capture your traffic, right-
click on it and select "Follow TCP stream". The result you see in the attachment. The strings produced by elogd 
are pink, the strings from the SMTP server are blue. In my case I don't have authentication (our SMTP server does 
not support this). In you case, you have to compare the traffic from a functioning email client with elogd.

Attachment 1:

Capture.png 10 kB | Hide | Hide all

ELOG V3.1.5-fe60aaf