AUTH PLAIN vs AUTH LOGIN and TLS Exchange 2010

Posted on 2012-08-30
Last Modified: 2012-09-11
I have one of my developers using a program called monit (don't know a lot about it). Its used to send alerts about various systems in linux (we use ubuntu).

some of these servers using monit and ubuntu are on servers off of our main network. what i've done is made a special receive connector with a different port number other than 25 and only allow IP's that we trust (using our firewall). I've enabled basic authentication as well as only allow basic authentication after starting TLS.

My developer tells me that im only presenting auth login and not auth plain. monit doesnt support auth login. it only supports auth plain. since i dont know the program i can't do any testing to see what options come up after initiating a starttls.

I though if i selected basic authentication it would allow both auth plain and auth login?

if anyone can shed any light let me know.

We have an exchange 2010 server.
Question by:msidnam
    LVL 76

    Expert Comment


    The options are displayed after issuing the ehlo hostname.

    Ntlm might be the option that can work for you.  Not sure whether exchange support auth plain.
    LVL 18

    Accepted Solution


    Okay in answer to your question, with an Exchange 2010 server, AUTH PLAIN is not supported, infact it was dropped when Exchange 2007 was introduced.

    For further reading see "RFC: 3501" on this link:

    Looking over the Monit documentation, it can be configured to use TLS which will help get around the teething problems you're facing.

    See the "Setting a mail server for alert messages" section on the following link:

    I've copied a snipped for your information:

    The mail server Monit should use to send alert messages is defined with a global set statement (keywords are in capital and optional statements in [brackets]):

     SET MAILSERVER {hostname|ip-address [PORT port]
                    [USERNAME username] [PASSWORD password]
                    [using SSLV2|SSLV3|TLSV1] [CERTMD5 checksum]}+
                    [with TIMEOUT X SECONDS]
                    [using HOSTNAME hostname]
    The port statement allows one to use SMTP servers other then those listening on port 25. If omitted, port 25 is used unless ssl or tls is used, in which case port 465 is used by default.

    Monit support plain smtp authentication - you can set a username and a password using the USERNAME and PASSWORD options.

    To use secure communication, use the SSLV2, SSLV3 or TLSV1 options, you can also specify the server certificate checksum using CERTMD5 option.

    I would advise showing the developer what I've pointed out and working with him to get your servers talking correctly. Hope this helps and best of luck!
    LVL 2

    Author Comment

    Netflo, thank you. They are using TLS to start the process but since Monit doesnt support AUTH LOGIN it never goes through. But now I at least know that AUTH PLAIN is not supported by Exchange 2010. But they want TLS AND user authentication.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Suggested Solutions

    Use email signature images to promote corporate certifications and industry awards.
    "Migrate" an SMTP relay receive connector to a new server using info from an old server.
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
    Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now