"Twinkie" Authentication Failure Messages Are Logged in the System Event Log (296804)

SYMPTOMS

The Post Office Protocol version 3 (POP3) service for Microsoft Commercial Internet System may generate many event ID 47 warning messages in the System event log that contain the text "AUTH twinkie failed for client at host x.x.x.x," where x.x.x.x is an Internet Protocol (IP) address.

CAUSE

This problem may occurs if an older mail clients deliberately sends a false "twinkie" authentication request to determine what features the mail server supports. You can safely ignore these messages. However, these messages may create a large number of messages in the System event log on a busy site.

RESOLUTION

A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem.

To resolve this problem, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/default.aspx?scid=fh;EN-US;CNTACTMS

NOTE: In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The English version of this fix should have the following file attributes or later:

   Date         Time   Version      Size     File name    Platform
   ---------------------------------------------------------------
   22-APR-2001  20:20  5.5.1877.74  195,856  Pop3svc.dll  x86

"Twinkie" Authentication Failure Messages Are Logged in the System Event Log (296804)

SYMPTOMS

CAUSE

RESOLUTION

STATUS