AUTH CRAM-MD5 FAILD When LOGIN CYRUS-IMAPD SERVER.

Wang Penghui wangpenghui at realss.com
Sun Jul 11 23:02:32 EDT 2004 

Hi,all.

I have a mail server which built with cyrus-imapd postfix openldap
cyrus-sasl under gentoo linux. When login with the php function
"imap_open", it will fail with a error follow, i have recorded the
streams send and received within the client and server.

That's the message what i have recorded:

* OK mail.garage.com Cyrus IMAP4 v2.2.3-Gentoo server ready
00000000 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
STARTTLS AUTH=NTLM
AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
00000000 OK Completed
00000001 AUTHENTICATE CRAM-MD5
+ PDk3MTMzMTAxNi4xNTgxOTQ1MkBEb2xwaGluPg==
d2FuZ3BlbmdodWkgMmU0NzRjMzkyNzcyZGZkMGM0OWZlODU1NTllZTEyNjM=
00000001 NO user not found

It looks like that the CRAM-MD5 authenticate have faild.

But when i use mozilla-thunderbird to access the imap folders, it works
well.
Here's the streams i have recorded for it:

* OK mail.garage.com Cyrus IMAP4 v2.2.3-Gentoo server ready
1 capability
* CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
STARTTLS AUTH=NTLM AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR LISTEXT
LIST-SUBSCRIBED X-NETSCAPE
1 OK Completed
2 login "username" "passwd"
2 OK User logged in

It works well. But not use the CRAM-MD5 authenticate.

And Some of my configuration files are:

=====IMAPD.conf======
configdirectory:        /var/imap
partition-default:      /var/spool/imap
sievedir:               /var/imap/sieve
tls_cert_file:          /etc/cyrusimapd/server.crt
tls_key_file:           /etc/cyrusimapd/server.key
admins:                 cyrus
hashimapspool:          yes
allowanonymouslogin:    no
allowplaintext:         yes
unixhierarchysep:       0
servername:             mail.garage.com
sasl_pwcheck_method:    saslauthd
mech_list: plain login
sendmail: /usr/sbin/sendmail
=========================

======saslauth.conf======
ldap_servers: ldap://localhost/
ldap_bind_dn: cn=Manager, dc=eoa, dc=cn
ldap_bind_pw: dolphin
ldap_search_base: ou=Realss, dc=eoa, dc=cn
ldap_version: 3
==========================

=====/etc/conf.d/saslauthd=======
SASL_AUTHMECH=ldap
[ -n ${SASL_AUTHMECH} ] && \
        SASLAUTHD_OPTS="-a ${SASL_AUTHMECH}"
=================================

And my soft version was:

cyrus-sasl 2.1.18
cyrus-imapd 2.2.3
cyrus-imap-admin 2.2.3


I think that maybe i could remove the MD5 auth or configure the MD5 auth
correctly.
But i really dont know how to implement it, Could someone pick me up a
doc or howto.

Thank you in advance!

Wang Penghui

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list