User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8a3) Gecko/20040828 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8a3) Gecko/20040828 In the latest nightly build I'm unable to retrieve mail from POP3 server. I'm getting message "Sending password did not succeed. Mail server mail.barak-online.net responded: Invalid command; valid commands are: USER, QUIT". I don't have such problem with Mozilla 1.8a3 or with Thunderbird 0.7.1 with same configuration (Mozilla 1.8a3 with same profile). Reproducible: Always Steps to Reproduce: 1. Attempt to get a new mail from POP3 account 2. 3. Actual Results: Error message displayed during authentication Expected Results: Authenticate and receive new mail. In the sniffer I see the following conversation: With latest nightly build: +OK Messaging Multiplexor (Sun Java(tm) System Messaging Server 6.1 Patch 0.01 (built Jun 24 2004)) CAPA +OK list follows TOP PIPELINING UIDL RESP-CODES AUTH-RESP-CODE USER SASL PLAIN IMPLEMENTATION MMP-6.1p0.01 Jun 24 2004 . AUTH PLAIN + AGU5NzY2NTcyOABFZ1ZuSjE3 -ERR Invalid command; valid commands: USER, QUIT With Thunderbird: +OK Messaging Multiplexor (Sun Java(tm) System Messaging Server 6.1 Patch 0.01 (built Jun 24 2004)) AUTH -ERR invalid command CAPA +OK list follows TOP PIPELINING UIDL RESP-CODES AUTH-RESP-CODE USER SASL PLAIN IMPLEMENTATION MMP-6.1p0.01 Jun 24 2004 . USER ********* +OK password required for user ********* PASS ********* +OK ********* is welcome here STAT +OK 39 203328 LIST +OK 39 messages 1 4774 2 4903 ....

The wrong part seems the AUTH PLAIN + AGU5NzY2NTcyOABFZ1ZuSjE3h here. I wonder why Mozilla doesn't append the login data after AUTH PLAIN, but sends AUTH PLAIN and after that it seems to send the login data. Changes to the POP3 protocol file in the last time can be seen under http://bonsai.mozilla.org/cvslog.cgi?file=mozilla/mailnews/local/src/nsPop3Protocol.cpp

Thunderbird 0.8 suffers from same problem now. Should I file the bug for it too?

looks to be a dup - please re-open if not so. *** This bug has been marked as a duplicate of 258077 ***

(In reply to comment #1) > The wrong part seems the > AUTH PLAIN > + > AGU5NzY2NTcyOABFZ1ZuSjE3h > > here. I wonder why Mozilla doesn't append the login data after AUTH PLAIN, but > sends AUTH PLAIN and after that it seems to send the login data. Hm what? AFAIK initial response is only defined for SMTP AUTH, not for POP3 authentication. See RFC 1734, 2 vs. RFC 2554, 4.

(In reply to comment #3) > looks to be a dup - please re-open if not so. To me it doesn't look like a dupe. The server really seems to switch to PLAIN authentication but has another problem with it. "-ERR Invalid command; valid commands: USER, QUIT" reads like the server afterwards realizes it doesn't support it. But while testing it, the server also replied "-ERR [AUTH] Authentication failed" when sending the same authentication string. But nevertheless, in case of the first error reply Mozilla should have switched to USER/PASS mechanism but didn't. IMHO the explanation is that if (TestCapFlag(POP3_HAS_AUTH_RESP_CODE) && !TestFlag(POP3_AUTH_FAILURE)) in nsPop3Protocol::AuthFallback() is true for the server/response. The train of thoughts that we shouldn't fall back if the server supports AUTH_RESP_CODE (i.e. additional [AUTH] response code) but the error doesn't include "[AUTH]" seems to be wrong. We *should* fall back if we don't know the cause for sure and *should not* if the cause is or LOGIN-DELAY, IN-USE or system problem or if the server is certain that the password is wrong. So there's a ! to much.

reopening then, thx for looking into it.

This patch doesn't solve the problem the server has with PLAIN mechanism (this is really servers fault, tests with KMail also failed). But it changes (corrects) our fallback behaviour so fallback to USER/PASS is possible here.

fixed on trunk, thx, Christian.