Message 388408 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pepoluan
Recipients	Dario D'Amico, Mario Colombo, barry, orsenthil, pepoluan, r.david.murray, rahul-kumi, redstone-cold
Date	2021-03-10.07:17:29
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1615360649.84.0.327005937239.issue27820@roundup.psfhosted.org>
In-reply-to

Content
Hi Senthil, You're right, it does need a guard. According to my knowledge there is no AUTH mechanism that will send more than 3 challenges; they should fail afterwards with 535 or similar. Servers that don't do that should be considered buggy/broken. So I've pushed a commit to the GH PR that limits the challenge to 5 times, after which it will raise SMTPException. This will protect users of smtplib.SMTP from being trapped by a buggy/broken server. Rgds, --

Hi Senthil,

You're right, it does need a guard. According to my knowledge there is no AUTH mechanism that will send more than 3 challenges; they should fail afterwards with 535 or similar. Servers that don't do that should be considered buggy/broken.

So I've pushed a commit to the GH PR that limits the challenge to 5 times, after which it will raise SMTPException. This will protect users of smtplib.SMTP from being trapped by a buggy/broken server.


Rgds,
--

History
Date	User	Action	Args
2021-03-10 07:17:30	pepoluan	set	recipients: + pepoluan, barry, orsenthil, r.david.murray, redstone-cold, Dario D'Amico, Mario Colombo, rahul-kumi
2021-03-10 07:17:29	pepoluan	set	messageid: <1615360649.84.0.327005937239.issue27820@roundup.psfhosted.org>
2021-03-10 07:17:29	pepoluan	link	issue27820 messages
2021-03-10 07:17:29	pepoluan	create