Benutzer-Werkzeuge

Webseiten-Werkzeuge


exchange:smtp_auth

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

exchange:smtp_auth [2021/10/11 08:33] – angelegt ronnyexchange:smtp_auth [2021/10/11 09:59] (aktuell) rldml
Zeile 1: Zeile 1:
-====== Überschrift ======+====== SMTP AUTH ======
  
 > The AUTH command is an ESMTP command (SMTP service extension) that is used to authenticate the client to the server. The AUTH command sends the clients username and password to the e-mail server. AUTH can be combined with some other keywords as PLAIN, LOGIN, CRAM-MD5 and DIGEST-MD5 (e.g. AUTH LOGIN) to choose an authentication mechanism. The authentication mechanism chooses how to login and which level of security that should be used. > The AUTH command is an ESMTP command (SMTP service extension) that is used to authenticate the client to the server. The AUTH command sends the clients username and password to the e-mail server. AUTH can be combined with some other keywords as PLAIN, LOGIN, CRAM-MD5 and DIGEST-MD5 (e.g. AUTH LOGIN) to choose an authentication mechanism. The authentication mechanism chooses how to login and which level of security that should be used.
Zeile 81: Zeile 81:
 > The CRAM-MD5 authentication mechanism is more secure than the other two mechanisms described earlier because the password can not be retrieved by decoding the BASE64 encoded client response. The password is used as the key to calculate the HMAC but the password is not stored anywhere in the response. The client response is also invalid for further authentications because of the "challenge" sent from the server was an one-time "challenge" (often with a current time stamp included) and can not be re-used by somebody who monitors the SMTP communication. > The CRAM-MD5 authentication mechanism is more secure than the other two mechanisms described earlier because the password can not be retrieved by decoding the BASE64 encoded client response. The password is used as the key to calculate the HMAC but the password is not stored anywhere in the response. The client response is also invalid for further authentications because of the "challenge" sent from the server was an one-time "challenge" (often with a current time stamp included) and can not be re-used by somebody who monitors the SMTP communication.
  
 +[[https://www.samlogic.net/articles/smtp-commands-reference-auth.htm#:~:text=The%20AUTH%20command%20is%20an%20ESMTP%20command%20%28SMTP,%28e.g.%20AUTH%20LOGIN%29%20to%20choose%20an%20authentication%20mechanism.|Quelle]]
  
 +===== Powershell Base-64-Passwort erzeugen =====
  
 <code Powershell> <code Powershell>
-$plain = “stefan+$plain = “password123!
 $plain = [System.Text.Encoding]::UTF8.GetBytes("$plain") $plain = [System.Text.Encoding]::UTF8.GetBytes("$plain")
 $base64 = [Convert]::ToBase64String($plain) $base64 = [Convert]::ToBase64String($plain)
Zeile 90: Zeile 92:
 </code> </code>
  
 +{{tag>[SMTP AUTH NTLM Powershell]}}
exchange/smtp_auth.txt · Zuletzt geändert: 2021/10/11 09:59 von rldml

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki