Plain Text Password Require TLS
Daniel Aquino
mr.danielaquino at gmail.com
Mon Jan 14 22:54:11 EST 2008
I set it to the following:
sasl_minimum_layer: 256
tls works fine but it also appears that non tls connections are working as well.
Here is my test.
mockingbird:/usr/local/mail# imtest -a daniel at bayshorenetworks.com -w
password 192.168.0.50
S: * OK bayshorenetworks.com Cyrus IMAP4 v2.2.13-Debian-2.2.13-10 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
STARTTLS
S: C01 OK Completed
C: L01 LOGIN daniel at bayshorenetworks.com {8}
S: + go ahead
C: <omitted>
S: L01 OK User logged in
Authenticated.
Security strength factor: 0
C: Q01 LOGOUT
Connection closed.
As you can see it says L01 login ok.
If I use tls (-s) then it says A01 login ok.
So why didn't the imapd.conf setting stop unencrypted logins?
More information about the Cyrus-sasl
mailing list