XADM: Disabling Clear Text Authentication for POP3 Also Disables SSL Clear Text Authentication (235051)
The information in this article applies to:
- Microsoft Exchange Server 5.5
This article was previously published under Q235051 SYMPTOMS
Administrators are given the option to choose what type of authentication mechanism is allowed for POP3 users. If an administrator chooses to disable clear text authentication (CTA), this also disables clear text authentication over Secure Sockets Layer (SSL).
CAUSE
If the request to authenticate comes in through SSL, the Exchange Server information store authenticates the user, but an error message is returned to the client because when the store begins processing the commands, it only checks to see if clear text is disabled. If clear text is disabled, the store returns an error. The store does not check to see if the command arrives through SSL.
RESOLUTIONTo resolve this problem, obtain the latest service pack for Exchange Server version 5.5. For additional information, click the following article number to view the article in the
Microsoft Knowledge Base:
191014 XGEN: How to Obtain the Latest Exchange Server 5.5 Service Pack
The English version of this fix should have the following file attributes or later:
Component: Information Store
|
| Gapi32.dll | 2638.0 | | Mdbmsg.dll | 2638.0 | | Netif.dll | 2638.0 | | Store.exe | 2638.0 |
NOTE: This fix requires the Directory fix from the following Microsoft Knowledge Base article:
230285 XADM:'Denial of service' Vulnerability in Store with IMAP or POP3
STATUSMicrosoft has confirmed that this is a problem in Microsoft Exchange Server version 5.5. This problem was first corrected in Exchange Server 5.5 Service Pack 3.
| Modification Type: | Minor | Last Reviewed: | 9/22/2005 |
|---|
| Keywords: | kbHotfixServer kbQFE EXC55SP3Fix kbbug kbfix kbQFE KB235051 |
|---|
|