• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2825
  • Last Modified:

AUTH PLAIN vs AUTH LOGIN and TLS Exchange 2010

I have one of my developers using a program called monit (don't know a lot about it). Its used to send alerts about various systems in linux (we use ubuntu).

some of these servers using monit and ubuntu are on servers off of our main network. what i've done is made a special receive connector with a different port number other than 25 and only allow IP's that we trust (using our firewall). I've enabled basic authentication as well as only allow basic authentication after starting TLS.

My developer tells me that im only presenting auth login and not auth plain. monit doesnt support auth login. it only supports auth plain. since i dont know the program i can't do any testing to see what options come up after initiating a starttls.

I though if i selected basic authentication it would allow both auth plain and auth login?

if anyone can shed any light let me know.

We have an exchange 2010 server.
1 Solution

The options are displayed after issuing the ehlo hostname.


Ntlm might be the option that can work for you.  Not sure whether exchange support auth plain.

Okay in answer to your question, with an Exchange 2010 server, AUTH PLAIN is not supported, infact it was dropped when Exchange 2007 was introduced.

For further reading see "RFC: 3501" on this link: http://technet.microsoft.com/en-us/library/ff848256.aspx

Looking over the Monit documentation, it can be configured to use TLS which will help get around the teething problems you're facing.

See the "Setting a mail server for alert messages" section on the following link: http://mmonit.com/monit/documentation/monit.html

I've copied a snipped for your information:

The mail server Monit should use to send alert messages is defined with a global set statement (keywords are in capital and optional statements in [brackets]):

 SET MAILSERVER {hostname|ip-address [PORT port]
                [USERNAME username] [PASSWORD password]
                [using SSLV2|SSLV3|TLSV1] [CERTMD5 checksum]}+
                [with TIMEOUT X SECONDS]
                [using HOSTNAME hostname]
The port statement allows one to use SMTP servers other then those listening on port 25. If omitted, port 25 is used unless ssl or tls is used, in which case port 465 is used by default.

Monit support plain smtp authentication - you can set a username and a password using the USERNAME and PASSWORD options.

To use secure communication, use the SSLV2, SSLV3 or TLSV1 options, you can also specify the server certificate checksum using CERTMD5 option.

I would advise showing the developer what I've pointed out and working with him to get your servers talking correctly. Hope this helps and best of luck!
msidnamAuthor Commented:
Netflo, thank you. They are using TLS to start the process but since Monit doesnt support AUTH LOGIN it never goes through. But now I at least know that AUTH PLAIN is not supported by Exchange 2010. But they want TLS AND user authentication.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now