XADM: Disabling Clear Text Authentication for POP3 Also Disables SSL Clear Text Authentication

ID: Q235051

The information in this article applies to:

Microsoft Exchange Server, version 5.5

SYMPTOMS

Administrators are given the option to choose what type of authentication mechanism is allowed for POP3 users. If an administrator chooses to disable clear text authentication (CTA), this also disables clear text authentication over Secure Sockets Layer (SSL).

CAUSE

If the request to authenticate comes in through SSL, the Exchange Server information store authenticates the user, but an error message is returned to the client because when the store begins processing the commands, it only checks to see if clear text is disabled. If clear text is disabled, the store returns an error. The store does not check to see if the command arrives through SSL.

RESOLUTION

A supported fix that corrects this problem is now available from Microsoft, but it has not been fully regression tested and should be applied only to systems experiencing this specific problem. If you are not severely affected by this specific problem, Microsoft recommends that you wait for the next Microsoft Exchange Server version 5.5 service pack that contains this fix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information on support costs, please go to the following address on the World Wide Web:

http://www.microsoft.com/support/supportnet/overview/overview.asp

The English version of this fix should have the following file attributes or later:

Component: Information Store

File name	Version
Gapi32.dll	2638.0
Mdbmsg.dll	2638.0
Netif.dll	2638.0
Store.exe	2638.0

NOTE: This fix requires the Directory fix from the following Microsoft Knowledge Base article:

Q230285 XADM:'Denial of service' Vulnerability in Store with IMAP or POP3

NOTE: If this product was already installed on your computer when you purchased it from the Original Equipment Manufacturer (OEM) and you need this fix, please call the Pay Per Incident number listed on the above Web site. If you contact Microsoft to obtain this fix, and if it is determined that you only require the fix you requested, no fee will be charged. However, if you request additional technical support, and if your no-charge technical support period has expired, or if you are not eligible for standard no-charge technical support, you may be charged a non-refundable fee.

For more information about eligibility for no-charge technical support, see the following article in the Microsoft Knowledge Base:

Q154871 Determining If You Are Eligible for No-Charge Technical Support

STATUS

Microsoft has confirmed this to be a problem in Microsoft Exchange Server version 5.5.

Additional query words:


Keywords          : exc55 
Version           : winnt:5.5
Platform          : winnt 
Issue type        : kbbug

Last Reviewed: July 12, 1999