From 5ac9f090d23e2b017aaf9c8025c4eaea7de7a388 Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Sat, 16 Oct 2010 09:42:39 +0200
Subject: Add R15 paragraph on updating fetchmail.

---
 fetchmail-FAQ.html | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'fetchmail-FAQ.html')

diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html
index 48449fc6..c77f7900 100644
--- a/fetchmail-FAQ.html
+++ b/fetchmail-FAQ.html
@@ -2508,6 +2508,15 @@ env PATH=/opt/openssl1.0.0/bin /opt/openssl1.0.0/bin/c_rehash /home/hans/certs
 
 <h2><a id="R15" name="R15">R15. Help, I'm getting Authorization failure!</a></h2>
 
+<p>First, try upgrading to fetchmail 6.3.18 or newer. Release 6.3.18 has
+received a considerable number of bug fixes for the authentication
+feature (AUTH, AUTHENTICATE, SASL). Most notably, fetchmail aborts SASL
+authentication attempts properly with an asterisk if it detects that it
+cannot make progress with a particular authentication scheme. This fixes
+issues where GSSAPI-enabled fetchmail cannot authenticate against
+Microsoft Exchange 2007 and 2010. <strong>Note</strong> that this is a
+bug in old fetchmail versions!</p>
+
 <p>Fetchmail by default attempts to authenticate using various schemes.
 Fetchmail tries these schemes in order of descending security, meaning
 the most secure schemes are tried first.</p>
-- 
cgit v1.2.3