Support for more Authentication Schema for SMTP

[loechel]

FEATURE REQUEST

Support for all common Authentication for Mail Servers (SMTP)

• PLAIN (Uses Base64 encoding) (already implemented)
• LOGIN (Uses Base64 encoding) --> obsoleted in favor of PLAIN
• NTLM (NT LAN Manager)
• GSSAPI (Generic Security Services Application Program Interface)
• DIGEST-MD5 (Digest access authentication)
• MD5
• CRAM-MD5
• OAUTH10A (OAuth 1.0a HMAC-SHA1 tokens as defined in RFC 5849)
• OAUTHBEARER (OAuth 2.0 bearer tokens as defined in RFC 6750)
• XOAUTH2

[icemac]

I do not think that none of the listed auth methods are supported. Please cross out the existing ones and create sub-issues for the missing ones. Additionally a plan how and when to impement the missing ones would be helpful.

[d-maurer]

Michael Howitz wrote at 2024-12-1 23:47 -0800:

I do not think that none of the listed auth methods are supported. Please cross out the existing ones and create sub-issues for the missing ones. Additionally a plan how and when to impement the missing ones would be helpful.

Do we really need additional auth methods? A simple auth method combined with an encrypted connection might be sufficient.

[dataflake]

I agree that a task like this that lists all authentication methods under the sun is not helpful. It would just hang around forever.

[loechel]

Ok I have crossed out the one that are implemented or depricated.

We have to look what of these Authentication schematas are really used in the wild, but more and more SMTP Providers like Google and Microsoft switch from PLAIN to advanced Authentications schema. Zope and Plone needs to be able to send mails from the system.

Best would be to look, which underlaying auth methodes are supported in CPython and revelvant frameworks, als well as postfix.