Tickets :: [#13771] Adding "AUTH: PLAIN" in IMP's Received header

6.0.0-beta1

7/4/25

Summary	Adding "AUTH: PLAIN" in IMP's Received header
Queue	IMP
Queue Version	6.2.4
Type	Enhancement
State	Rejected
Priority	1. Low
Owners
Requester	viktor (at) szepe (dot) net
Created	12/31/2014 (3838 days ago)
Due
Updated	01/05/2015 (3833 days ago)
Assigned
Resolved	01/03/2015 (3835 days ago)
Milestone
Patch	No

01/05/2015 11:22:20 AM	Jan Schneider	Comment #8	Reply to this comment
All you need to do is to configure Horde to use SMTP authentication.

01/04/2015 11:45:59 AM	viktor (at) szepe (dot) net	Comment #7	Reply to this comment
Thank you for your answers. To keep it short: I'd like to implement DKIM. zdkimfilter adds the DKIM signiture to messages containing "AUTH: " So I need that string in Horde's email also. Horde is set to use plain SMTP only. Should I hack it into Horde's source code?

01/03/2015 09:46:29 PM	Michael Slusarz	Comment #6 State ⇒ Rejected	Reply to this comment
If Courier's MTA already does this, why should Horde add that? Exactly. Horde needs to connect to Courier's MTA, and this connection needs to be authenticated, so the authentication details will be added to that received header. Which is correct (especially since the Horde username != the username of the user authorized to relay mail.)

01/03/2015 09:45:07 PM	Michael Slusarz	Comment #5	Reply to this comment
Please consider adding somthing like (AUTH: PLAIN viktor@worker.szepe.net, SSL: TLSv1/SSLv3, 128bits, AES128-SHA) Why? Re: the SSL transport parameters - there is no way for PHP to know this information since PHP != HTTP server. Courier-mta adds this when sending throuhg SMTPS. AUTH is defined by SMTP. There is no protocol definition for connecting to the Horde framework. So reporting "AUTH" is simply not semantically correct. 1. zdkimfilter (only DKIM implementation for Courier-mta) needs an authenticated user to add DKIM signiture What does this have to do with Horde? 2. The user is indeed authenticated, logged in to Horde. Exactly. So there is NO authentication from browser->Horde. The browser is simply the display window for using Horde. 3. IMP says "with HTTP" even when https:// is used. What Jan said - HTTP is the protocol used to connect to the Horde server. There is no such thing as HTTPS as a protocol - it is just HTTP with TLS security.

01/02/2015 05:48:53 PM	viktor (at) szepe (dot) net	Comment #4	Reply to this comment
zdkimfilter check this line: (authuserbuf = strstr(p2, "AUTH: ")) != NULL written in C http://www.tana.it/svn/zdkimfilter/trunk/src/zdkimfilter.c

01/02/2015 05:45:41 PM	viktor (at) szepe (dot) net	Comment #3	Reply to this comment
If Courier's MTA already does this, why should Horde add that? HTTP is correct, because it's the protocol, not the security layer. Courier adds the "AUTH:" line only on authenticated SMTP/S. Horde sends email through sendmail or unauthenticated SMTP. In these cases there is no "AUTH:" line in the Received header. It would be very nice to have a config option to add the "AUTH:" line to Horde's Received header. Thank you!

01/02/2015 04:32:44 PM	Jan Schneider	Comment #2 State ⇒ Feedback	Reply to this comment
If Courier's MTA already does this, why should Horde add that? HTTP is correct, because it's the protocol, not the security layer.

12/31/2014 06:06:36 PM	viktor (at) szepe (dot) net	Comment #1 Priority ⇒ 1. Low Type ⇒ Enhancement Summary ⇒ Adding "AUTH: PLAIN" in IMP's Received header Queue ⇒ IMP Milestone ⇒ Patch ⇒ No State ⇒ New	Reply to this comment
Now IMP's Received lokks like this: Received: from 178-164-130-123.pool.digikabel.hu (178-164-130-123.pool.digikabel.hu [178.164.130.123]) by worker.szepe.net (Horde Framework) with HTTP; Wed, 31 Dec 2014 17:58:16 +0000 Please consider adding somthing like (AUTH: PLAIN viktor@worker.szepe.net, SSL: TLSv1/SSLv3, 128bits, AES128-SHA) Courier-mta adds this when sending throuhg SMTPS. 1. zdkimfilter (only DKIM implementation for Courier-mta) needs an authenticated user to add DKIM signiture 2. The user is indeed authenticated, logged in to Horde. 3. IMP says "with HTTP" even when https:// is used. Thank you very much!